Police and GCHQ shore up UK cyber defences

News by Tim Ring

The police and GCHQ are trying to boost the UK's cyber defences and threat intelligence sharing- with new regional cyber police units being set up and GCHQ launching a scheme to reveal previously secret cyber intelligence to critical national infrastructure (CNI) organisations.

But influential figures in the cyber industry are calling for more to be done to improve public-private sector co-operation and intelligence sharing.

Speaking at the IA14 cyber security conference in London earlier this week, MP Karen Bradley, the minister responsible for serious and organised crime, said the UK government is setting up new dedicated cyber police and fraud units within the UK's network of Regional Organised Crime Units (ROCUs).

She also confirmed that the police now have a dedicated training programme to drive up cyber skills in local police forces, and predicted “a significant increase in the numbers of police officers and staff who have been trained by 2015”.

In an appeal to industry, she added: “We, the government, see tackling cyber-crime as a top priority. But we need your help. We need you to share your knowledge and experience and encourage others to do the same. And we need you to share it with us so we can understand the evolving threats problems and work with you on how to protect your businesses.”

Meanwhile, GCHQ chief Sir Iain Lobban used the conference to launch a “ground-breaking” pilot scheme in which GCHQ will share its classified cyber threat information on a wide scale with industry – starting with suppliers of communications services to Government networks, then moving on to the other CNI sectors.

Under the scheme, which was previewed in SCMagazineUK.com, GCHQ will use its “unique capabilities and insights gleaned from its intelligence and security work to illuminate the critical threats in cyberspace”.

From within industry, Charlie McMurdie - senior crime adviser with PricewaterhouseCoopers (PwC) and former head of the Met Police Central e-Crime Unit - welcomed the police's moves, but called for still more co-operation and intelligence sharing.

She told SC UK: “We are moving in the right direction, building national capability to provide a response around cyber-crime. But time and time again, what we are really missing and where we need to focus more effort is better intelligence, both strategic and tactical intelligence exchange with industry.

“We keep using the ‘partnership' word but it is still frustratingly difficult for industry to identify who to speak to (in the police) and how to actually become part of that intelligence exchange. There's a wealth of knowledge and expertise in industry that needs to be capitalised on.”

McMurdie welcomed the increase in police officers trained in cyber skills, making this a “mainstream” capability. But she added: “It's the time-old problem that high-end cyber expertise is very costly and it's very difficult to retain staff that have that level of expertise. That enforces my point that we need to be capitalising on that high-end expertise that does exist in industry.”

Security consultant Adrian Culley, a former Scotland Yard cyber-crime detective, agreed with McMurdie's view. He told SC UK via email: “It remains unclear for those in industry to know who they should speaking with, other than informal relationships. It is crucial this does not become the exclusive preserve of faceless corporations. That will be to the detriment of all.

“Good communication remains at the heart of getting this right, between Industry, government, law enforcement, military and wider society. This will remain an on-going challenge.

“The UK, like most other countries, is playing catch-up here. However, better late than never. Service delivery is where this will stand or fall.”

Commenting on the GCHQ scheme, Martin Sutherland, managing director of BAE Systems Applied Intelligence, welcomed the plan but ne too echoed the calls for more public-private sector intelligence and knowledge sharing.

He said in a statement to journalists: “Sharing relevant intelligence and information is an absolutely vital part of our collective security and this is exactly the right time for GCHQ to launch this scheme. It could well provide industry with a much richer and more valuable set of threat information than has ever been available to date.”

But he added: “The constant evolution of the cyber threat and the development of new capabilities to steal intellectual property and information presents a major risk to the foundation stones of our economy. This risk is also increasing because of the proliferation of techniques and knowledge amongst threat actors. It is therefore essential that we continue to improve the ways in which government and industry work together.”

Don Smith, director of technology at Dell SecureWorks, told journalists: “Co-operation between government and industry in combatting advanced cyber threats is essential if we are to counter the attacks faced by the UK every day.

“The threat landscape is continually evolving and as attackers become increasingly sophisticated, it's important that we come together to find solutions and also drive awareness. The cyber war is a reality not just for governments but for business too. Industry collaboration will allow government expertise to scale in combatting the cyber threat.”

Meanwhile, in related news, Cabinet Office Minister Francis Maude admitted in his keynote speech to the IA14 conference that the government's secure intranet network was breached recently when a “state-sponsored hostile group” gained access to a system administrator account. “Fortunately this attack was discovered early and dealt with to mitigate any damage,” Maude said.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews