Yesterday’s announcement from Foreign secretary William Hague that the UK is setting up a £2m centre of excellent to advise other nations of cyber security issues has been met with generally positive reactions.
Cyberspace is emerging as a new dimension in conflicts of the future. Many nations simply do not yet have the defences or the resources to counter state-sponsored cyber attack. If we do not find ways of agreeing principles to moderate such behaviour and to deal with its consequences, then some countries could find themselves vulnerable to a wholly new strategic threat: effectively held to ransom by hostile states.
The UK is developing a new Centre for Global Cyber-Security Capacity Building in the United Kingdom, and we will be investing £2m a year to offer countries independent advice on how to build secure and resilient cyberspace, improving co-ordination and promoting good governance online.
Eugene Kaspersky, CEO and co-founder of Kaspersky Lab:
There are already two large organisations that want to take the lead in the fight against cybercrime on the international level: the Action Against Terrorism Unit (a department of the United Nations), and Interpol, which plans to open a Cyber Interpol division office in Singapore in 2014. Still, the more organisations there are acting in this field, clearly – the better.
We have arrived at the third stage in the evolution of the Internet – the regulation stage, which comes after, first, the innovation stage, and second, the incidents stage. Of course we are still largely in the second stage of incidents, but regulation is on its way, even though it’s just the beginning. Many countries already have CERTs (Computer Emergency Response Teams) and cybercrime laws, but in many cases law enforcement is faced with shortages of funds and resources, which makes the fight harder.
At the same time, it’s clear that fighting cybercrime today is no longer a job any single entity can effectively perform by itself. This is because cybercrime transgresses geopolitical borders, meaning attackers can target victims on the other side of the world. But law enforcement agencies have jurisdictional limits and are unable to conduct investigations alone across borders. So logically they should cooperate with their colleagues in other countries.
Martin Sutherland, managing director of BAE Systems Detica:
We agree with the Foreign Secretary that cyber attacks are undoubtedly becoming more prevalent – our own threat intelligence service has seen a tenfold increase in attacks over the last six months alone.
As cyber space has no international borders, today’s announcement is encouraging as it fosters international collaboration to combat the cyber problem. The institute should also serve to safeguard the UK. Measures such as these also strengthen the UK cyber industry which, going forwards, should be seen as a valuable export opportunity.
Paul Davis, director of Europe at FireEye:
Clearly, attitudes towards cyber security are beginning to shift in Britain – and not before time. Recent government warnings and an increased defensive stance around the London Olympics demonstrate a step-change in the approach taken by UK leaders – which could make the country well-placed to offer itself up as a centre for cybercrime intelligence and coordination.
However, while it is good to talk about bolstering defences and fighting back in the war on cybercrime, the nature of the threat calls for a ‘less talk, more action’ attitude, and announcements such as this are only the beginning.
Mr Hague has certainly hit the nail on the head with his conclusion that it has never been easier to become a cybercriminal. While this was once the preserve of low-level hackers working alone, the emergence of determined ‘hacktivist’ groups, off the shelf malware packages and readily available hacking tutorials has upped the threat level simply by making cybercrime an organised, mainstream and persistent activity.