Britain is prepared to use the internet to strike computer attackers and enemy nations who launch cyberwarfare attacks on the UK’s infrastructure and businesses.
That’s the message from Foreign Secretary William Hague, who – perched precariously on his cabinet office desk, iPad in hand – has been interviewed by a tabloid newspaper about the growing threat of cyber attack.
Speaking to The Sun newspaper, Mr Hague said:
"We will defend ourselves in every way we can, not only to deflect but to prevent attacks that we know are taking place."
Mr Hague described how the United Kingdom is pouring an additional £650 million into its cyber defences. The extra cash will be split between GCHQ and the Ministry of Defence, which has created its own cyberwarfare unit under the title of the UK Defence Cyber Operations Group.
Last year the UK Government published its National Security Strategy, which ranked cyberspace as “tier one”, a “highest priority for UK national security”, placing internet attacks above – for instance – the risk posed by another state using chemical, biological, radiological or nuclear weapons against Britain.
Mr Hague explained the thinking behind the investment:
"We are trying to prevent an arms race in cyber space. Given that the internet changes every day and billions more people will have access to it over the coming years, the potential for that arms race to grow and go out of control is enormous.
"There is no 100 per cent defence against this, just as there isn't against any other form of attack. We have to defend critical national infrastructure. We have to defend national security. We have to defend our entire commercial and economic system."
It’s clear that Britain is not just keen to be seen to be defending its government computer systems, but also infrastructure targets such as power plants and air traffic control systems.
Considering the most recent reports that the USA contemplated cyber attacks against Colonel Gaddafi’s regime in Libya, and a growing climate of claims of state-sponsored cybercrime, that is perhaps a wise precaution.
And it’s certainly interesting to hear such fighting talk from Foreign Secretary Hague. Long term readers of Naked Security will remember that a couple of years ago I reported on how the BBC’s Eddie Mair mischievously tied the then UK Security Minister into knots over the tricky question of whether UK would ever attack other countries via the internet.
For all the bravado, Mr Hague and the British defence chiefs need to be very careful when planning attacks on overseas computer systems. A key challenge is attribution when it comes to internet attacks – *proving* that someone (or some nation) is behind a cyber attack is very very difficult.
The last thing you would want is to attack an innocent party.