With reports revealing that the UK suffered around 300 significant cyber attacks in the past year, evidence is mounting that the attacks are the work of foreign states.
The Government's security chief has issued a thinly veiled threat to state sponsors of cyber terrorism that the country could only stand by for so long before retaliating.
Lord West of Spithead, the parliamentary under-secretary for security and counter-terrorism, told The Observer yesterday that the UK had been the target for 300 significant attacks on core government networks over the past year, and said such attacks were only like to increase in scope and frequency.
He added that many of these daily attacks were clearly the work of foreign states, but the nature of the attacks made it difficult to acquire concrete proof.
“There is no doubt that some state actors have sucked out huge amounts of intellectual copyright, designs to whole aero engines, things that have taken years and years of development,” West said. “The moment you mention a particular state, they will deny it. The problem with cyberspace is that attribution is extremely difficult. It's almost impossible to do it in terms of evidence that would be necessary in a court of law.”
However, he warned that the longer the country was subjected to sustained attacks, the greater the chances of action being taken in response. “If some state sponsor keeps trying to get into your systems, probably for industrial espionage, are you going to go back into their system and bugger it up? We're all capable of doing these things. At the moment we wouldn't do that, but maybe this is where we need to have discussions.”
While West was careful not to mention any specific countries by name, the UK's security service MI5 has warned that tackling espionage activities conducted by agents operating out of China and Russia was taking an increasing proportion of its time and resources.
“The problem with cyberspace is that attribution is extremely difficult,” West said. “It's almost impossible to do it in terms of evidence that would be necessary in a court of law.”
Nato and the European Union, meanwhile, have been ordered to beef up their efforts to protect intelligence material after a pronounced upswing in cyber attacks originating in China recently.
Analysts in the US say government and military institutions had little answer to the latest wave of attacks, a problem made worse by the fact that EU nations struggle to come up with a single unified strategy.
A Symantec report released last month revealed that UK business lose, on average, about £1.2 million each as a result of cyber terrorism.