UK parliamentary committee heard evidence of evolving threats from states and criminals
Threat of cyber attack from Russia has intensified, British MPs told
There has been a “consistent rise in the appetite for attack from Russia on critical sectors”, a top British spy told MPs on Monday. Ciaran Martin, who heads the National Cyber Security Centre at GCHQ, warned the UK parliament’s National Security Strategy Committee that in addition to “traditional” targets such as energy infrastructure Moscow is deploying cyber technology “against the west as a whole” to strike at “softer power” with a view to undermining “democratic institutions, media institutions and … free speech”.
Mr Martin gave evidence alongside David Lidington, minister for the cabinet office and chancellor of the Duchy of Lancaster, who told the committee that the character of the threat from “nation states and cyber criminals” is constantly evolving.
More “critical” sectors are at risk today than before, he said, listing among them health, media telecom and energy.
Asked if the ongoing Brexit negotiations posed a potential risk to the existing framework for inter-state cooperation on national security, Mr Lidington assured the committee that “ambitious and intense cooperation” between the UK and EU member states in matters of security would not be affected.
He also told the committee that government contracts will henceforth contain a requirement of cyber security standards that must not be observed by the contracting party but implemented across the supply chain to minimise exposure to cyber attacks.
Mr Martin noted that North Korea’s cyber offensive capabilities were being directed away from “political retaliation attacks” and into “theft of money”. He admitted that “recruiting deep technical expertise is challenging” against the backdrop of multiplying threats and rapidly advancing technology.
He informed the committee that 500 students are being sponsored by his unit to the tune of £4,000 towards their tuition fees on the condition that they will undertake cyber security work in the future.