UK National Security Strategy Published

Monday, October 18, 2010

Mark Gardner

1f2f664e68a603b3c54890fbbcd37857

On the 18th of October, 2010, the UK Government published their National Security Strategy.

This placed "Hostile attacks upon UK Cyberspace by other states and large scale cyber crime" at the same level as International Terrorism, and International Military threats.

I wish to go through what the Government wrote about cyber crime and offer my own thoughts.

1. "Government, the private sector and citizens are under sustained cyber attack today, from both hostile states and criminals."

The key word for me here is sustained.  I think this may shock many members of the general public who may only think security is threatened when there is a new virus outbreak, or dare I say it, Nigerian Prince e-mail.

These attacks are quantified as theft of intellectual property, information and identities, in order to defraud, individuals, organizations and the government. 

2. "By 2015 there will be more interconnected devices on the planet than humans."

Just think about that for a second. According to the UN the current population is 2 370 999 292 or approximately 2 billion people (if billion is defined in thousand millions).  What seems a little science fiction is that Cars and Fridges will be networked. It also mentions phones but does not explicitly mention, computers, tablets etc.

3. Global web users today stands at 1.7 billion compared to 16 million just 15 years ago.

If ever there was any doubt that the Internet was truly part of our lives then this proves it. By my crude calculations that means 70% of the worlds population are connected, via the beast we call the World Wide Web.

World2010pr 

4. Cyber Crime estimated at $1 Trillion globally per year.

I dread to think how much that costs per user. I imagine most comes from intellectual property hence the perceived need for the Digital Economy Act in the UK.

5. The Olympics a target. In 2008 Beijing suffered 12 million cyber attacks per day.

These games ran (excuse the pun) for 16 days. Therefore the total number of attacks for the games were 192 million.

The number of users of the Internet in 2008 was 1,574,313,184. Therefore as the number of internet users increases expect a far larger attack statistic in 2012.

Those were the main points that jumped out. Of ancillary points that made an impression there was one, in particular:

UK has suffered no damage due to Stuxnet (at time of publishing)

I would add - that have been reported to that quote, although it doesn't say it in the report.

In conclusion what I would say is that whilst the Internet is a useful and wonderful thing, as it says in the report, a fourth utility, the number of users and the number of risks are increasing.

How long before governments, companies start publicising moves away from detection of attacks to moving the focus to prevention of those attacks?

It is, in my mind going to be impossible to keep up with the rate of change in attack in the future, thereby leading to a change in security posture, for Governments to try to protect their citizens. 

Cross posted from http://markgardner.co.uk

Possibly Related Articles:
12597
Policy
Cyberwar Cyber Crime Stuxnet
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.