[BreachExchange] Government unveils national cyber strategy in bid to protect UK from hostile states and ransomware plots

Wed Dec 15 09:36:34 EST 2021

https://www.independent.co.uk/news/uk/home-news/cybersecurity-government-hackers-ransomware-b1976169.html

The government is set to announce its new National Cyber Strategy aimed, it
says, at protecting the country from attacks by hostile states and
organised crime, while projecting “Global Britain” as a “world leader” in
the field.

The programme, funded by £2.6bn allocated in the spending review, will
carry out offensive operations against countries carrying out malign cyber
activities and pursue criminals who are using the internet for ransomware
plots to loot vast sums of money.

The new strategy has been presented as it is claimed that hackers, believed
to be Chinese, have “fully weaponised” software vulnerability which is
causing “mayhem on the web” through exploiting a flaw, Log4Shell, which
allows them to steal data and plant malware.

Some of the world’s largest tech companies, including Microsoft, Cisco, IBM
and Google, as well as state agencies such as the Cybersecurity and
Infrastructure Security Agency (CISA) in the US, have found some of their
servers to be vulnerable. According to security firms, 37 per cent of the
UK’s corporate sector has been targeted with illicit scans taking place to
find weaknesses in their systems.

British officials in the cybersecurity field acknowledge, however, that
bringing the hackers to justice is hugely problematic as they are often
based in foreign jurisdictions and sponsored and protected at times by
intelligence agencies.

The government declared that the new strategy “sets out how the UK will
solidify its position as a global cyber power”. This is the first major
milestone following the publication of the government’s Integrated Review
earlier this year.

Measures put in place over the last five years have seen a rapid growth in
the UK cybersecurity sector, with 1,400 businesses generating £8.9bn in
revenue last year and creating 46.700 jobs, with significant investment
from abroad.

The government is investing in the Cyber Runway scheme, which is helping
107 innovators develop their businesses, with the majority of member
companies outside of London and the southeast, 45 per cent led by women and
52 per cent run by founders from black and minority ethnic groups.

“Funding for these growth and skills programmes will be reoriented away
from large, often London-based initiatives to a regionally delivered model
which will mean more jobs and better opportunities for people across the
UK”, said the government.

Watch More
A significant proportion of the investment, says the strategy papers, will
be in the north in the former Labour ‘Red Wall’ seats taken by the
Conservative Party.

Internationally, there will be particular focus on India, the Indo-Pacific
and Africa, to strengthen alliances against “digital authoritarianism” and
organised campaigns by hackers.

Priti Patel, the home secretary, said: “Cybercrime ruins lives and
facilitates further crimes such as fraud, stalking, and domestic abuse.
Billions of pounds are lost each year to cybercriminals who steal or hold
personal data to ransom and who disrupt key public services or vital
sectors of the national economy.

“This strategy will significantly improve the government’s response to the
ever-changing threat from cybercrime and strengthen law enforcement’s
response in partnership with NCSC and the National Cyber Force.”

The chief of strategic command, Gen Patrick Sanders, said: “This strategy
builds upon the importance of the cyber domain as outlined in the
Integrated Review and sets out a clear vision for how we as a nation will
contribute to the UK’s cyber future. As we continue to face threats in
cyberspace, it is essential that we continue to adapt, innovate, partner
and succeed against evolving aggressive activity.”

Sir Jeremy Fleming, director of GCHQ, stressed the plans will continue
building “on the country’s strong foundations in cybersecurity that GCHQ’s
work has been part of, particularly through the NCSC”.

He added: “But it goes beyond that. It brings together the full range of
cyber activities, from skills to communities, and to the use of offensive
cyber capabilities through the newly established National Cyber Force.”
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20211215/6751af0a/attachment.html>