UK To Increase National Cyber Defences

Automatic defences to stop hackers hijacking websites or spoofing official domains will get a boost from a £1.9bn UK government cybersecurity strategy.

UK Chancellor Philip Hammond is expected to give details of the plans shortly.  The strategy will  help enlarge specialist police units that tackle organised online gangs. Other defences that intercept booby-trapped emails or shut down thieves impersonating bank websites will also be expanded. Some cash will go towards education and training of cybersecurity experts.

Background

In September, Yahoo confirmed that 500 million user details had been accessed in a historic data breach. Last December, a cyber-attack on a western Ukrainian electricity distribution company caused a major power outage affecting 220,000 customers and causing an electricity blackout in the region. And earlier this year, a hacker accessed the payment system of the Bangladesh Central Bank in an attempt to transfer $951 million (£779m) fraudulently, successfully pocketing $81 million before the authorities stepped in.

No longer the stuff of spy thrillers and action movies, cyber-attacks are a reality and they are happening now.  Our adversaries are varied: organised criminal groups, hacktivists, untrained teenagers and foreign states.  

Attacks can cause economic damage, erode public trust in online services and by enabling fraud do real harm to individuals, their property and their privacy.  The Ukrainian attack shows the potential for the most worrying scenario: cyber-attacks by sophisticated actors designed to disrupt essential services, like energy, water and transport networks.

UK Plans

The plans will set out action needed to protect the UK economy and the privacy of British citizens, and will also encourage industry to ramp up efforts to prevent cyber-attacks. Mr Hammond said Britain "must now keep up with the scale and pace of the threats we face".

"Our new strategy... will allow us to take even greater steps to defend ourselves in cyberspace and to strike back when we are attacked," he added.

Ben Gummer, paymaster general, said in a statement: "No longer the stuff of spy thrillers and action movies, cyber-attacks are a reality and they are happening now. "Our adversaries are varied - organised criminal groups, 'hacktivists', untrained teenagers and foreign states."

Finding talent

The £1.9bn to pay for the national strategy was allocated last year and will fund the programme until the end of 2020.

In its strategy, the government explained what some of the money has been spent on already.

With the aid of industry, it has set up automated systems that limit how much malware and spam reaches UK citizens. Other projects have helped the government verify where emails come from to thwart specific tax fraud campaigns aimed at the UK.

Future spending plans involved cash for recruiting more than 50 specialists who will work at the cybercrime unit at the National Crime Agency. These will help tackle organised gangs and aim to raise the cost of engaging in hi-tech crime to make it much less attractive.

The cyber-plan will also involve the creation of a Cyber Security Research Institute that aims to unite researchers across the UK's universities to work together on improving defences for smartphones, laptops and tablets.

Security-based start-ups will also get help via an innovation fund that will commercialise work on novel tools and defences. A national scheme will also be set up to retrain "high-aptitude professionals" as cybersecurity experts.

Prof Alan Woodward, a computer security expert from the University of Surrey, said he hoped the government spent cash on the "high volume, low sophistication attacks" that plague people and cause the majority of financial losses.

"I hope the £1.9bn will be spent in growing talent," he said. "The government talk about 50 recruits here and 50 there. I'm afraid we need many more."

Prof Woodward said it was getting "increasingly difficult" to persuade young people to study computer science and getting them to try cybersecurity was "a real headache".

"I would really like to see money put into reaching young people early enough to influence the subjects they decide upon at school and pairing an image for them of just how interesting and rewarding a career in cybersecurity can be," he said.

BBC:        Telegraph:    UK’s New National Cyber Security Centre:

 

« Google AI Invents Its Own Cryptographic Algorithm
Shadow Brokers Release Secret List Of NSA-Compromised Servers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Blue Frost Security

Blue Frost Security

Blue Frost Security provides high-level IT security consulting, penetration testing services, ISO 27001 Solutions, PCI compliance solutions and training.

Akin Gump Strauss Hauer & Feld

Akin Gump Strauss Hauer & Feld

Akin is a leading global law firm providing innovative legal services and business solutions to individuals and institutions. Practice areas include Cybersecurity, Privacy and Data Protection.

Subgraph

Subgraph

Subgraph is an open source security company, committed to making secure and usable open source computing available to everyone.

ThreatSTOP

ThreatSTOP

ThreatSTOP is a cloud-based automated threat intelligence platform that converts the latest threat data into enforcement policies to stop attacks before they become breaches.

Garland Technology

Garland Technology

Garland Technology specializes in network access points (TAPs) for 100% visibility allowing you to see every bit, byte, and packet flowing through your network.

Sanderson Recruitment

Sanderson Recruitment

Sanderson is a recruitment company providing expert recruitment services in areas including Cyber & Information Security.

101 Blockchains

101 Blockchains

101 Blockchains is a professional and trusted provider of enterprise blockchain research and training.

Blockchain Firm

Blockchain Firm

Blockchain Firm is a leading Blockchain based software solutions and service provider with our roots of expertise running deep into the technology.

SightGain

SightGain

SightGain is the only integrated risk management solution focused on cybersecurity readiness using real-world attack simulations in your live environment.

KanREN

KanREN

KanREN is a member based consortium offering custom, world-class network services and support for researchers, educators, and public service institutions in the state of Kansas.

Safetech Innovations

Safetech Innovations

Safetech Innovations is a team of cyber security experts, always at your service. We use human and cyber intelligence to help your business in uncertain times.

Pessimistic Security

Pessimistic Security

The team behind Pessimistic helps blockchain startups meet modern security challenges since 2017.

CSIR Information & Cybersecurity Research Centre

CSIR Information & Cybersecurity Research Centre

The CSIR Information & Cybersecurity Research Centre focuses on research, development, and innovation of home-grown cyber and information security.

Corona IT Solutions

Corona IT Solutions

At Corona IT Solutions, our team of specialists in networking, wireless and VoIP are dedicated to providing proactive monitoring and management of your IT systems.

Access Talent Today

Access Talent Today

Access Talent Today is an AI/ML and cyber security talent provider.

modePUSH

modePUSH

modePUSH is a cybersecurity company focused on end-to-end breach response from Digital Forensics to Restoration across the enterprise and cloud environments.