It’s a matter of “when, not if” Britain is subject to a disastrous cyberattack that could cause cripple national infrastructure, according to the chief executive of the country’s National Cyber Security Centre (NCSC).
Ciaran Martin told The Guardian newspaper that “I think it is a matter of when, not if and we will be fortunate to come to the end of the decade without having to trigger a category one (C1) attack”.
He said that the country has been lucky to have avoided a C1 attack – this is defined as being one that could attack such critical sectors of the economy as the provision of energy supplies and the day-to-day running of the financial sector – to date.
Mr Martin said that it would be impossible to totally protect against such an incident. “Some attacks will get through. What you need to do [at that point] is cauterise the damage,” he said. America, France and other European countries have already faced similar attacks.
In a speech on Monday night, the chief of the general staff of the British Army, Sir Nick Carter, also highlighted the growing national threat that could come from cyberattacks – from states such as Russia or North Korea, or else from renegade organisations.
The NCSC, which works closely with the government surveillance agency GCHQ, is charged with helping to fight against cyberattacks. It will publish a dossier soon in which it will explain what has worked and what hasn’t in its defensive operations since it started operations in October 2016.
Last May the WannaCry ransomware attack disrupted hospitals, causing operations to be cancelled and spreading fear. The attack was categorised as C2 rather than C1 because it was deemed that there was no danger to life.
Since October 2016 and December last year, the NCSC recorded 34 C2 attacks, with WannaCry the most disruptive of these, and 762 C3 incidents.
“Most comparable western countries have experienced what we would consider a category one attack so we have been fortunate in avoiding that to date,” said Mr Martin, who is a former director general for cybersecurity at GCHQ.
He said that the threat from attacks such as WannaCry was as grievous as that which could occur from state-directed attacks.
“What we have seen over the past year or so is a shift in North Korean attack motivation from what you might call statecraft – disrupting infrastructure – through to trying to get money through attacks on banks, but also the deployment of ransomware — albeit in a way that didn’t pan out in the way the attackers wanted to,” he told the newspaper.
State-sanctioned intrusions have also come Russia, China and Iran.
“What we have seen from Russia thus far against the UK is a series of intrusions for espionage and possible pre-positioning into key sectors but in a more controlled form of attack from others,” Mr Martin said. “Offensive cyber will be an increasing part of the UK’s security toolkit.”
He also noted that following the alleged interference in the 2016 American presidential election, there was an increasing awareness that British elections and political life in the country were coming under attack.
Before last year's general election, “the main parties in the House of Commons did ask for and did receive guidance on the sort of threats they were likely to face and we worked with each of them”, Mr Martin said.
The heightened awareness about cyberattacks against elections have made electronic voting less likely, he said. “With the current state of high alert around elections, I think it make sense that there are not any current plans to move to electronic voting,” Mr Martin said.
And despite Brexit, he said that “there is significant momentum in Europe to get the European cybersecurity across the whole continent on a stronger footing, and that is great”.
