Much has been made in recent times about the impact of Russian hackers on the US Presidential election and other political events and national infrastructure projects.
But in the most potent and provocative intervention to date, the UK’s Defence Secretary, Michael Fallon has used a speech given at his old university, St Andrews, to openly accuse Russia of using hacking and the dissemination of misinformation to cause disruption in Western democracies.
Hacking and Misinformation
He said of Russia that “Today we see a country that in weaponising misinformation has created what we might now see as the post-truth age” and described their activities as being a “persistent pattern of behaviour that is becoming more pronounced.”
He went on to list a series of major cyber-attacks which he attributed to Russian-based hackers. The implications of his words were that these attacks were carried out at the behest of the Kremlin.
The incidents he highlighted included a cyber-attack in 2015 which took the French television channel TV5Monde off the air, another hack later the same year which took one of Germany’s parliament’s networks offline and an October 2016 attack on Bulgaria.
At the time the President of Bulgaria, Rosen Plevneliev, described the attack as “the heaviest and most intense cyber-attack…conducted in south-east Europe”, while the German Federal Authorities said of the attack on their Parliament that it was “steered by the Russian state”.
According to Michael Fallon, these incidents and the countless others that have been recorded are evidence of Russia testing the West and NATO. “”It is seeking to expand its sphere of influence, destabilise countries, and weaken the alliance,” he said. “It is undermining national security for many allies and the international rules-based system.”
Importance of Cyber-Security
Fallon went on to stress the importance for NATO and the UK of cyber security stressing that they needed to be more adaptable and resilient to counter the threats posed by Russia and others.
“Cyber defence is now part of NATO’s core task. NATO must defend itself as effectively in the cyber sphere as it does in the air, on land, and at sea,” he said.
It is perhaps then a little unfortunate that the morning after Fallon’s speech saw a committee of MPs publishing a highly critical report about the UKs own cyber security infrastructure.
The report from the Public Accounts Committee entitled Protecting Information Across Government was critical of the UK Government for failing to consolidate the “alphabet soup” of agencies tasked with seeing off cyber-attacks on the UK Government. They also described the handling of public sector data breaches as “chaotic”.
The report highlighted a lack of skilled cyber-security experts working within the public sector. They also questioned the considerable lack of clarity over the role the recently established National Cyber Security Centre is likely to play in the battle.
Responding to the report, the Cabinet Office (another department whose precise role the report questioned) highlighted the Government’s National Cyber Security Strategy and the £1.9 billion that has been pledged in cyber-security investment.
But despite this rebuttal, there is still an overwhelming sense that the Government is preaching to others to do what I say not what I do.
The issues highlighted by the Public Accounts Committee report are not new ones. For the best part of a decade, experts have been questions exactly where in the public sector responsibility for cyber-security lies. And still today we are no closer to a clearly defined answer.
And one of the many impacts of public sector wage freezes in recent years has been the departure of many experts to the private sector and the higher salaries that come with it. Again, this is a pattern which continues today.
Which all sits in stark contrast to the focus and resources which countries like Russia are pouring into the sector, for better or worse. The UK can only hope to keep pace with the threat from countries like Russia and China if it is willing to put resources into the issue and focus policy properly.
Failure to do so will see them constantly swimming against the tide and make calls to arms like the one issued by Michael Fallon yesterday ring all the more hollow.