Defending the defenders

Inside the Enterprise: MPs question the armed forces' readiness to deal with cyber security attacks. Businesses should pay attention too.

The Latin saying, "Quis custodiet ipsos custodies", or "who guards the guards", usually appears in debates about whether those in authority have too much power over ordinary citizens.

But a report from the House of Commons' Defence Committee suggests a more literal meaning: who is protecting our protectors?

It seems that, when it comes to the UK armed forces and cyber security, they are not protected well enough. Over the last decade, most countries' militaries have become more reliant on IT, and the UK's forces are no exception.

Should systems suffer a sustained cyber attack, their ability to operate could be fatally compromised

This poses some risks both to military operations, and the day to day functioning of the armed forces. If military defence systems lack proper protection from cyber security attacks, a relatively low-risk, low-cost malware infection could wreak havoc on a par with an outright military assault. This could either be a standalone threat, or a precursor to the type of overt, armed action that security experts call a "kinetic" attack.

The move towards greater use of computer systems, cheaper Common Off The Shelf (COTS) technology in computing and telecoms, and the greater use of outsourcing and civilian contractors, is creating chinks in the forces' electronic armour.

The Committee did not mince its words, and it is worth quoting some of the report in detail.

"The evidence we received leaves us concerned that with the armed forces now so dependent on information and communications technology, should such systems suffer a sustained cyber attack, their ability to operate could be fatally compromised," the MPs wrote. "It is not enough for the Armed Forces to do their best to prevent an effective attack."

And it is not just a question of hackers disabling administrative systems, or communications.

"Perhaps the most worrisome scenario of all is a cyber attack that could render dysfunctional main combat units such as airplanes or ships, or that could limit their operational capability or reliability. [...]," warned MPs.

"Moreover the increased utilisation of robotic devices such as drones, battlefield robots and UAVs over the battlefield has numerous advantages, but also creates a new type of information security challenge that is not yet fully understood, studied or realised."

The Committee singled out parts of the defence establishment for praise, particularly the joint work being done by the military and the private sector.

But the message is that the MoD, as well as the individual services, need to do more to guard against a cyber security attack, and to plan their military defence response if one happens.

Continues over page.

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Most Popular

Do smart devices make us less intelligent?
artificial intelligence (AI)

Do smart devices make us less intelligent?

19 Oct 2020
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

21 Oct 2020
What is Neuralink?

What is Neuralink?

24 Oct 2020