UK internet security rated among Europe's best

A House of Lords committee has found that the UK internet infrastructure is robust enough to survive many types of attack
Written by Tom Espiner, Contributor

Internet security around the UK's critical national infrastructure is among the best in Europe, a House of Lords committee has found.

Essential UK utilities, banking and government systems are "reasonably well-placed" to cope with disruptions from cyberattacks and natural disasters, the Lords European Union committee said in a report on Tuesday.

However, vulnerabilities in systems in other EU member states and European internet infrastructure could have an unforeseeable knock-on effect on UK systems, committee chairman Lord Jopling told ZDNet UK on Wednesday.

"In the cyber-world, an attack on one country can affect another," Lord Jopling said. "Some countries are not as well prepared as the UK, and here we see a role for the EU to play in bringing up countries with deficiencies to the level of the UK."

A source close to the report said some Eastern European countries have internet security deficiencies within their national computing infrastructures. The source declined to identify any particular countries, but said that in general the more recently the country had joined the EU, the poorer the state of the country's internet security.

Lord Jopling said physical infrastructure is also a point of failure. He cited the series of cable cuts that disrupted internet traffic to the Indian sub-continent at the beginning of 2008.

The committee report, entitled Protecting Europe Against Large-Scale Cyber Attacks, proposed that the European Commission encourage member states to work towards parity of critical information infrastructure resilience, and that national computer emergency response teams (Certs) be established in member states that need them. Lord Jopling said the UK already has a variety of public- and private-sector Certs that talk to each other, making a national UK Cert unnecessary.

The report also recommended a broader role for the European Network and Information Security Agency (Enisa). It said the agency should have more resources and act as an information transfer network for police and judicial co-operation about criminal use of the internet, in addition to its current role as an information exchange point.

Editorial standards