Top GCHQ spook warns of ‘disturbing’ levels of cyber-raids
With a crunch conference on government cyber-security starting tomorrow, the director of government spook den GCHQ, Iain Lobban, said Britain had faced a “disturbing” number of digital attacks in recent months.
Attackers had targeted citizens’ data, credit card numbers and industry secrets, Lobban said.
“I can attest to attempts to steal British ideas and designs – in the IT, technology, defence, engineering and energy sectors as well as other industries – to gain commercial advantage or to profit from secret knowledge of contractual arrangements,” the eavesdropping boss added in his article for The Times.
According to Foreign Secretary William Hague there were more than 600 “malicious” attacks on government systems every day, while criminals could snap up Brits’ stolen card details online for just 70 pence a throw.
The statement was paired with the announcement of a £650m investment in cyber-security over the next four years, with both Hague and Lobbman arguing that industry and government need to work together to pull off a safe, resilient system.
Countries that could not protect their banking systems and intellectual property will be at a serious disadvantage in future, Hague told The Times.
The government could have its work cut out, though: security software maker Symantec today suggests that businesses are cutting back on cyber-security and are less aware of and engaged with the big threats than they were last year. Symantec was specifically staring at industries integral to national security.
It found that only 82 percent of them participated in government protection programmes, down 18 points since last year.
Symantec reckoned that reduced manpower meant companies had less time to focus on big structural threats.
“The findings of this survey are somewhat alarming, given recent attacks like Nitro and Duqu that have targeted critical infrastructure providers,” said Dean Turner, a director at Symantec.
“Having said that, limitations on manpower and resources as mentioned by respondents help explain why critical infrastructure providers have had to prioritise and focus their efforts on more day-to-day cyber threats.” ®