RegulationSecurity

UK Cyber Security Agency Will Employ “Naughty Boys”

Peter Judge has been involved with tech B2B publishing in the UK for many years, working at Ziff-Davis, ZDNet, IDG and Reed. His main interests are networking security, mobility and cloud

Britain’s new Cyber Security Minister admits to counter-attack capability, and is accused of stealing President Obama’s ideas, and eroding liberties

The UK Government has announced a strategy to deal with cyber-terrorist activity, including the ability to counter-attack – but has been criticised for sidelining Parliament in the decision.

The Office of Cyber Security (OCS), announced on Thursday, appears to be very similar to the US Cyber Command announced by President Obama this week. Its job is to prevent hostile online activity from damaging or disabling the country’s IT infrastructure.

The OCS will operate across government bodies, pulling together related activities by the Ministry of Defence, the police and the intelligence services MI5 and MI6, eliminating duplication, the Cabinet Office announced. It will use a new IT forensics department called the Cyber Security Operations Centre (CSOC) at the Government communications network, GCHQ in Cheltenham,

Without going into any details, officials made it known at a briefing that the OCS will have the ability to counter-attack, promising to respond “proactively”, perhaps applying a denial of service attack on any active cyber-threat, as well as using legal means.

On the BBC Radio 4 PM programme, the new cyber security minister Lord West said groups in other countries attacked Britain’s IT infrastructure “on a regular basis” to try and get industrial information. Any retaliation would be to prevent this rather than to extract secrets from the other nations, he said.

And the CSOC would be staffed by “naughty boy” hackers, he said: “You need youngsters who are deep into this stuff,” he explained.”If they have been slightly naughty boys, very often they really enjoy stopping other naughty boys.”

The OCS marks the first time the official national security strategy has included an IT component, and was announced by prime minister Gordon Brown: “Just as in the nineteenth century we had to secure the seas for our national safety and prosperity, and in the twentieth century we had to secure the air, in the twenty first century we also have to secure our position in cyber space in order to give people and businesses the confidence they need to operate safely there,” he said in a statement. “That is why today I am announcing – alongside our updated National Security Strategy – the UK’s first strategy for cyber security”.

However, the strategy was criticised as a “pale imitation” of President Obama’s moves, by shadow security Crispin Blunt, who also slated the government for releasing the strategy through the media in a written statement without announcing it in the House of Commons.

Although Lord West assured a press briefing that the GCHQ work would be under the scrutiny of an “ethics committee”, the Liberal Democrats protested that the new cyber agency could invade civil liberties: “This new cyber security strategy could lead to an extension of the government’s invasive counter-terrorism powers which already pose significant threats to our civil liberties,” said home affairs spokesman Tom Brake.