The rapid development of digitalized services and online shopping in the UK has been paralleled with significant growth in cybercrime, leading to greater spending on security in public and private sectors. Organizations’ IT footprints have also become increasingly complex, driving demand for more sophisticated and bespoke cyber solutions.
There is also a cyber warfare threat from Russia, China and others. Russian cyber attacks have targeted Britain’s energy networks, telecommunications and media as part of efforts to “undermine the international system”, a senior security official revealed in 2017. In April 2021, Britain joined the United States in saying Russia’s foreign intelligence service, known as the SVR, was responsible for the SolarWinds hack which led to the compromise of nine federal agencies and hundreds of private sector companies.
In July 2021, the UK, US and EU accused China of carrying out a major cyber-attack earlier that year. The attack targeted Microsoft Exchange servers, affecting at least 30,000 organisations globally. Western security services believe it signals a shift from a targeted espionage campaign to a smash-and-grab raid, leading to concerns Chinese cyber-behaviour is escalating. The Chinese Ministry of State Security (MSS) has also been accused of wider espionage activity and a broader pattern of “reckless” behaviour.
In an unusually blunt speech, Jeremy Fleming, director of the GCHQ spy agency, said the West faced a battle for control of technologies such as artificial intelligence, synthetic biology and genetics. “Significant technology leadership is moving East,” Fleming said at Imperial College London. “The concern is that China’s size and technological weight means that it has the potential to control the global operating system.” Fleming said that if Britain wished to remain a global cyber power then it would have to develop “sovereign” quantum technologies, including cryptographic technologies, to protect sensitive information and capabilities. Russia remains the biggest immediate threat to the West but Communist China’s long-term dominance of technology poses a much bigger problem, he said. “Russia is affecting the weather, whilst China is shaping the climate,” he said.
Driven by the factors listed above, the $7 billion cyber market is forecasted to grow at over 9% CAGR. At the same time, U.S. companies and technologies are exceptionally well perceived in the region and many U.S. cyber tech providers operate successfully in the UK. There are currently over 800 firms actively providing cybersecurity products or services in the UK.
As part of its broad response, the UK is currently in the process of developing a 250-strong cyber security regiment, the 13th Signals, created in 2020, alongside a cyber security defence force. More recently still, the MoD has announced a major digital funding package including more money for cyber defences, and earlier in 2021 it ran its first-ever bug bounty challenge with HackerOne, which led to the discovery of a number of security vulnerabilities, ranging from authentication bypass issues to misconfigured systems.
National Cyber Security Strategy (NCSS)
In 2016, the government launched its National Cyber Security Strategy (NCSS). The five-year plan (2016-2021) was underpinned by £1.9 billion in funding. Its purpose was to make the UK “secure and resilient to cyber threats.” A new Civil Nuclear Cyber Security Strategy has been issued by the Department for Business, Energy and Industrial Strategy in the UK. BEIS says the strategy helps ensure the UK has a secure and resilient energy system “by ensuring that the civil nuclear sector is able to defend against, recover from, and is resilient to evolving cyber threats”.
The strategy has been broken down into three areas: defence, deter and develop.
On defence, the chancellor said the government will reorganise its own defences, dealing with the plethora of government departments’ IT security arrangements and shortcomings in cyber-security. “We will develop a series of measures to actively defend ourselves against cyber attacks. These national capabilities, developed and operated by the private sector, will reinforce the UK’s reputation for being one of the safest places in the world to do business.”
“We all have a role to play in protecting computers, networks and data. We will improve the way government protects its data by applying appropriately high standards of cyber security to government systems, introducing stronger defences for our systems and maintaining public confidence in our online government services. We will build a new secure, cross-government network to improve joint working on sensitive cyber issues.”
One company the government is highlighting here is Netcraft for “automated defence techniques to reduce the impact of cyber-attacks by hackers, stopping viruses and spam emails ever reaching their intended victims for example.”
“We will improve our national ability to respond quickly and effectively to cyber attack. We will create a new National Cyber Centre to lead this response. Operating under GCHQ leadership, it will manage our future operational response to cyber incidents, ensuring that we can protect the UK against serious attacks and minimise their impact.”
The government is also making efforts to increase cyber resilience around the globe in over 50 countries, by raising public awareness and reinforcing Computer Security Incident Response Teams. “We’ve also started testing an ambitious Active Cyber Defence programme of ground breaking initiatives to improve basic cyber security across the public sector. Today, we are launching the next phase of our Cyber Aware programme through the Tech-Free-15 campaign which encourages the public and small businesses to adopt secure behaviours, like taking time out to install software and app updates to better protect themselves from cyber crime,” said First Secretary of State Damian Green.
On deterrence, the UK will not only defend itself in cyberspace but would also be prepared to “strike back against those that try to harm our country”. “And we will continue to invest in our offensive cyber capabilities, because the ability to detect, trace and retaliate in kind is likely to be the best deterrent.” “Primarily based in the Government Communications Headquarters (GCHQ), these capabilities will enable us to match the pace of technological change,” said the government’s 2015 Strategic Defence and Security Review.
Finally, on the develop strand, the government will place strong emphasis on research and development and education. “We will invest in capabilities to detect and analyse cyber threats, pre-empt attacks and track down those responsible.” To that end, the government will recruit over 50 cyber-crime investigators for the National Cyber Crime Unit (NCCU). This is part of the government’s plans to invest tens of millions of pounds in cyber-crime law enforcement at local and national level.
A new Cyber Security Research Institute – a virtual collection of UK universities – will look at ways to increase the security of smartphones, tablets and laptops. In addition, the UK’s first cyber security Innovation Centre will be created in Cheltenham and the UK will launch a Cyber Innovation Fund next year to help develop new technology.
“So our goal is not just to defend and deter cyber attacks, but also to develop our cyber security ecosystem. This means bringing together our local cyber security clusters and our world leading universities including the 14 Academic Centres of Excellence in Cyber Security.” The new Cheltenham Innovation Centre has been opened and a Cyber Accelerator programme has been launched, which provides start-ups with access to world-class experts to help them build cutting-edge technology, said Green.
And the Department for Digital, Culture, Media and Sport kicked off their comprehensive Cyber Schools Programme, which aims to train nearly 6,000 young people over the coming years through extracurricular activities with the SANS Institute, BT, FutureLearn and the Cyber Security Challenge.
“The Government will ensure that our Armed Forces have strong cyber defences, and that in the event of a significant cyber incident in the UK, they are ready to provide assistance. We will provide the Armed Forces with advanced offensive cyber capabilities, drawing on the National Offensive Cyber Programme which is run in partnership between the MOD and GCHQ.”
We will continue to help NATO and other allies to protect their networks using our intelligence and technical insights, and we will use our advanced capabilities to enable the success of coalition operations.
Chancellor of the Exchequer, Philip Hammond said: “Britain is already an acknowledged global leader in cyber security thanks to our investment of over £860m in the last Parliament, but we must now keep up with the scale and pace of the threats we face. Our new strategy, underpinned by £1.9 billion of support over five years and excellent partnerships with industry and academia, will allow us to take even greater steps to defend ourselves in cyberspace and to strike back when we are attacked.”
Ben Gummer, Minister for the Cabinet Office & Paymaster General, said: “The first duty of the Government is to keep the nation safe. Any modern state cannot remain secure and prosperous without securing itself in cyberspace. That is why we are taking the decisive action needed to protect our country, our economy and our citizens.”
National Cyber Security Centre
The most successful part of the NCSS has been the setting up of the National Cyber Security Centre (NCSC). The centre helps people manage cyber risk. It assists SMEs, larger organisations, government departments, and the general public. The NCSC is part of the Government Communications Headquarters (“GCHQ”), the UK’s intelligence and security arm akin to the National Security Agency in the United States.
The NCSC is designed to be the UK’s single, central body to manage cybersecurity incidents in the country and the UK’s hub for interagency cooperation. In all, they responded to more than 590 significant cyber incidents, more than 30 of which were sufficiently serious to require a cross-Government response.
The NCSC expects to take the lead in responding to the most serious cybersecurity incidents, especially on critical national infrastructure, but also plans to help raise the security capability in the UK against day-to-day malicious activity. As part of the NCSC’s operation, the UK government plans to invest £1.9 billion ($2.4 billion) in cybersecurity over the next five years.
As well as providing advice, the NCSC actively combats cyber crime. It responded to over 700 cyber incidents in 2020, up from 658 in 2019. It also helped almost 1,200 organisations handle cyber attacks in 2020.
A key strand in this approach has been the NCSC’s Active Cyber Defence (ACD) programme, which aspires to protect the majority of people in the UK from the majority of the harm, caused by the majority of the attacks, for the majority of the time. It is intended to tackle the high-volume commodity attacks that affect people’s everyday lives, rather than the highly sophisticated and targeted attacks, which we deal with in other ways.
Another success was the launch of the Suspicious Email Reporting Service (SERS) in April 2020. The service enables the public to forward suspicious emails to a government address. Malicious email addresses and URLs can then be taken down. In the first four months of operation, the SERS received 2.3 million reports from the public. The NCSC took down 22,000 malicious URLs and 9,300 malicious web links based on the information provided.
Building cyber talent
Various NCSC initiatives aim to encourage diverse talent into cyber security. CyberFirst, an initiative for students aged 11 to 19, seeks to build the next generation of cyber professionals. It includes student bursaries, free courses, and competitions. The CyberFirst Girls Competition encourages female talent in particular. The CyberFirst Bursary scheme had 750 students in 2020, with 180 more due to be onboarded. All students who have graduated from the programme entered full-time cyber security roles. To manage cyber career opportunities going forwards, the government is setting up a UK Cyber Security Council. Launching on 31 March 2021, it will set standards and define clear learning paths for the cyber security sector.
Cyber Security Initiatives
Britain said it would invest 22 million pounds ($31 million) to help vulnerable countries in Africa and the Indo-Pacific build up their cyber defences to prevent China, Russia and others from filling a cyberspace vacuum. It is important to win the “hearts and minds” of like-minded countries such as India to prevent countries like China and Russia from filling the multilateral vacuum and misusing digital technology to steal and sabotage, UK Foreign Secretary Dominic Raab warned in May 2021.
Britain’s National Cyber Security Centre also published new guidance for industry on cyber security in Jan 2018. Britain’s most critical industries will face fines of up to 24 million U.S. dollars if they do not have effective cyber security measures. The hefty penalties will apply to energy, transport, water and health firms if they fail to have the most robust safeguards in place against cyber attack. Sector-specific regulators will be appointed so essential services are protected. The regulators will be able to assess critical industries to make sure plans are as robust as possible.
Minister for Digital and the Creative Industries, Margot James, said: “Today we are setting out new and robust cyber security measures to help ensure the UK is the safest place in the world to live and be online. We want our essential services and infrastructure to be primed and ready to tackle cyber attacks and be resilient against major disruption to services.”
The new measures will encompass potential threats affecting IT such as power outages, hardware failures and environmental hazards. Under the new measures, recent cyber breaches such as WannaCry and high profile systems failures would be covered by the new reporting system. Such incidents will have to be reported to the regulator, who would assess whether appropriate security measures were in place, according to officials. The new directive, scheduled to come into operation in May, is part of a 2.7 billion U.S. dollars national cyber security strategy by the British Government.
Concerns have also been raised about the threat to nuclear power plants from both conventional cyber-criminals and nation-state actors. SCADA legacy equipment – that is, computers and electronics that play a part in running nuclear plants but were developed prior to the advent of the internet – is widely regarded as dangerous because it lacks robust online security systems. A blended attack, in which an adversary uses a cyber-attack to enable or reinforce a physical attack, is another scenario of concern.
NCSC taps security startups in August 2021
Five UK startups have been selected to work with the National Cyber Security Centre (NCSC) to address the most serious national cyber security threats facing the UK. The NCSC for Startups initiative is a joint venture with London-based innovation centre Plexal, supported by Deloitte, CyNam, Cheltenham-based co-working space Hub8, and tech skills provider QA.
The programme is the successor to the NCSC’s Cyber Accelerator programme, which helped more than 40 tech companies raise over £100 million of investment. The five companies – PORGiESOFT, Exalens, Enclave, Meterian, and Rebellion Defence – will receive direct support from Plexal’s cyber innovation team as well as leading experts from the NCSC and GCHQ. They will also gain access to wider technical and commercial opportunities with Plexal’s industry partners across the UK’s cyber security ecosystem. However, each startup will keep all intellectual property and equity created during the programme.
The companies have been chosen to work on specific areas of cyber security, such as threat detection and zero trust overlays. PORGiESOFT, for example, provides an AI-based edtech service for teachers and students, helping them to explain or learn essential elements of cyber security. Rebellion Defence uses AI to defend national security systems against threats like ransomware, expertise which will now be deployed to the national stage.
The Defence and Security Accelerator (DASA) has launched a new Innovation Focus Area, or IFA, to seek out and develop technologies that will reduce the Ministry of Defence’s (MoD’s) exposure to cyber attacks on its systems and platforms. The UK’s defence sector currently has a large, integrated network of legacy security technologies giving malicious actors a substantial and diverse attack surface to have a pop at, and the scheme will supposedly “accelerate next-generation hardware and software technologies” to address vulnerabilities in networks and systems.
The brief seeks technologies that can be intelligently applied to reduce the chance of successful cyber attacks; can raise the barrier to entry for hostile actors and give the UK military confidence and assurance that it can withstand cyber-enabled attacks; and are novel and applicable across a class of attack surface, as opposed to tailored to specific threats. It is not seeking off-the-shelf products that will not need experimental development, or anything that offers no real prospect of integration into the UK’s defence and security capabilities, or offers no real prospect of out-competing extant products and services.
DASA said it expects to fund proposals within Technical Readiness Level 4 to 7, for up to £300,000 across a nine-month contract period. Proposals will need to demonstrate how they will achieve a technical demonstrator by the end of the 2023 fiscal year, should further funding be made available.