UK To Increase National Cyber Defences

Uploaded on 2016-11-01 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

Automatic defences to stop hackers hijacking websites or spoofing official domains will get a boost from a £1.9bn UK government cybersecurity strategy.

UK Chancellor Philip Hammond is expected to give details of the plans shortly.  The strategy will  help enlarge specialist police units that tackle organised online gangs. Other defences that intercept booby-trapped emails or shut down thieves impersonating bank websites will also be expanded. Some cash will go towards education and training of cybersecurity experts.

Background

In September, Yahoo confirmed that 500 million user details had been accessed in a historic data breach. Last December, a cyber-attack on a western Ukrainian electricity distribution company caused a major power outage affecting 220,000 customers and causing an electricity blackout in the region. And earlier this year, a hacker accessed the payment system of the Bangladesh Central Bank in an attempt to transfer $951 million (£779m) fraudulently, successfully pocketing $81 million before the authorities stepped in.

No longer the stuff of spy thrillers and action movies, cyber-attacks are a reality and they are happening now.  Our adversaries are varied: organised criminal groups, hacktivists, untrained teenagers and foreign states.  

Attacks can cause economic damage, erode public trust in online services and by enabling fraud do real harm to individuals, their property and their privacy.  The Ukrainian attack shows the potential for the most worrying scenario: cyber-attacks by sophisticated actors designed to disrupt essential services, like energy, water and transport networks.

UK Plans

The plans will set out action needed to protect the UK economy and the privacy of British citizens, and will also encourage industry to ramp up efforts to prevent cyber-attacks. Mr Hammond said Britain "must now keep up with the scale and pace of the threats we face".

"Our new strategy... will allow us to take even greater steps to defend ourselves in cyberspace and to strike back when we are attacked," he added.

Ben Gummer, paymaster general, said in a statement: "No longer the stuff of spy thrillers and action movies, cyber-attacks are a reality and they are happening now. "Our adversaries are varied - organised criminal groups, 'hacktivists', untrained teenagers and foreign states."

Finding talent

The £1.9bn to pay for the national strategy was allocated last year and will fund the programme until the end of 2020.

In its strategy, the government explained what some of the money has been spent on already.

With the aid of industry, it has set up automated systems that limit how much malware and spam reaches UK citizens. Other projects have helped the government verify where emails come from to thwart specific tax fraud campaigns aimed at the UK.

Future spending plans involved cash for recruiting more than 50 specialists who will work at the cybercrime unit at the National Crime Agency. These will help tackle organised gangs and aim to raise the cost of engaging in hi-tech crime to make it much less attractive.

The cyber-plan will also involve the creation of a Cyber Security Research Institute that aims to unite researchers across the UK's universities to work together on improving defences for smartphones, laptops and tablets.

Security-based start-ups will also get help via an innovation fund that will commercialise work on novel tools and defences. A national scheme will also be set up to retrain "high-aptitude professionals" as cybersecurity experts.

Prof Alan Woodward, a computer security expert from the University of Surrey, said he hoped the government spent cash on the "high volume, low sophistication attacks" that plague people and cause the majority of financial losses.

"I hope the £1.9bn will be spent in growing talent," he said. "The government talk about 50 recruits here and 50 there. I'm afraid we need many more."

Prof Woodward said it was getting "increasingly difficult" to persuade young people to study computer science and getting them to try cybersecurity was "a real headache".

"I would really like to see money put into reaching young people early enough to influence the subjects they decide upon at school and pairing an image for them of just how interesting and rewarding a career in cybersecurity can be," he said.

BBC:        Telegraph:    UK’s New National Cyber Security Centre:

 

« Google AI Invents Its Own Cryptographic Algorithm
Shadow Brokers Release Secret List Of NSA-Compromised Servers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Becrypt

Becrypt

Becrypt is a trusted provider of endpoint cybersecurity software solutions. We help the most security conscious organisations to protect their customer, employee and intellectual property data.

CERT.GOV.AZ

CERT.GOV.AZ

Azerbaijan Government Computer Incident Response Team

ProPay

ProPay

ProPay provides secure payment solutions for organizations ranging from small businesses to large enterprises requiring complex payment solutions.

Cybercrypt

Cybercrypt

Cybercrypt is a world leading system provider in robust cryptography. Protecting critical assets, applications and sensitive data.

Sasa Software

Sasa Software

Sasa Software is a cybersecurity software developer specializing in the prevention of file-based network attacks.

TitanHQ

TitanHQ

TitanHQ offers ultimate protection from internet based threats and powerful Web filtering functionalities to SMBs, Service Providers and Education sectors around the World.

ATIA

ATIA

ATIA provides consulting services in the design and implementation of IT system, Information Security, ISO certification, and professional IT training and education.

CyberSaint Security

CyberSaint Security

CyberSaint’s CyberStrong Platform empowers organizations to implement automated, intelligent cybersecurity compliance and risk management.

Accel

Accel

Accel is a leading venture capital firm that invests in people and their companies from the earliest days through all phases of private company growth. Areas of focus include cybersecurity.

Cyber Security Advisor

Cyber Security Advisor

Notice how sophisticated the cybersecurity market is. Think how would you pick the security provider, assess your company, and be sure of your security decisions? Cyber Security Advisor is the answer!

ZINAD IT

ZINAD IT

ZINAD is an information security company offering state-of-the-art cybersecurity awareness products, solutions and services.

InterSec Inc.

InterSec Inc.

InterSec Inc. is a cybersecurity company that offers a variety of services to small and medium-sized businesses including CMMC Compliance, Program Management, Governance, & Cybersecurity.

CipherStash

CipherStash

CipherStash is a complete data governance and breach prevention platform.

ARC Risk and Compliance

ARC Risk and Compliance

ARC Risk and Compliance is a consulting company comprised of a team of AML Specialists completely focused on anti-money laundering compliance and the technologies used to support compliance programs.

Oxygen Technologies

Oxygen Technologies

Oxygen Technologies is a business systems strategy and integration company offering a variety of solutions to give our clients ways to work smarter not harder.

QPoint Technologies

QPoint Technologies

QPoint provides solutions and consulting in areas including software engineering, testing, cybersecurity, ICT, web, mobile, project management, and complex integration processes.