According to an interview with The Guardian, the Ministry of Defence (MoD) in the UK has admitted to being the target of multiple breaches of its systems thanks to unknown hackers. While the number of attacks, or what systems were breached exactly, aren’t known, the MoD admits that it’s too old to keep up with hackers.
Major General Jonathan Shaw told the publication the number of successful attacks was hard to quantify but they had added urgency to efforts to beef up protection around the MoD’s networks. “The number of serious incidents is quite small, but it is there,” he said. “And those are the ones we know about. The likelihood is there are problems in there we don’t know about.”
“My generation … we are far too old for this; it is not what we have grown up with. Our natural recourse is to reach for a pen and paper. And although we can set up structures, we really need to be on listening mode for this one.”
He added: “If we want to work the response, if we want to know really what is happening, we really have to listen to the young kids out in the street. They are telling us what is happening out there. “That will pose a real challenge to us. This thing is moving too fast. The only people who spot what is happening are people at the coal face and that is the young kids. We have to listen to them and they have to talk to us.”
“It is quite right to say that pure defence, building firewalls, will not keep the enemy out. They might be inside already … there is no such thing as total security. You have to learn to live with certain insecurities. “One needs to engage in internal defence and be quite aggressive about it. And if you are going to manoeuvre in cyberspace, that is something that obviously involves action across the spectrum.”
Shaw said he intended to “mainstream” cyber-capabilities across the MoD by 2015. This included ensuring military commanders had a range of cyber-options to use from a “golf bag” of weapons systems. “As new capabilities come on the block, you reassess whether you need the old ones, whether they are complimentary or duplicatory.
“People have asked me whether cyber-weapons will make conventional weapons redundant. Absolutely not. A hard bomb is actually quite a good cyber-weapon because it can take out a broadcasting station, take out a server.”
“The real challenge is how we secure our supply chains. We are dependent on industry for our technological edge … and preserving that intellectual property is absolutely vital.” He added: “Cyber implies something technical. To the average person in the street, cyber means it is someone else’s problem. But it is everyone’s problem. We can’t just leave it to the techies.”
An MoD spokesman said: “The MoD takes all possible precautions to defend our system from attack from both unsolicited, for example ‘spam’ email, and targeted sources. It would be both misleading and naïve to assume that any system is 100% secure against all possible threats which is why we take additional steps to detect suspicious activity within our own systems. “We also ensure that our most sensitive networks are not connected to the internet and have additional physical and technical measures in place to defend them.”