US and UK join forces for cyber 'war games'

News by Doug Drinkwater

The UK and US will increase their co-operation on cyber-security, with some kind of transatlantic 'Waking Shark' banking exercise seemingly in the pipeline.

This arrangement comes as a result of Prime Minister David Cameron's two-day visit to Washington to meet President Barack Obama, where the main subjects of conversation have been the economy and national security.

Cameron says that this new partnership will see the launch of both “cyber-cells” to share intelligence and “cyber-war games” – exercises where simulated cyber-attacks are tested against the IT defences of organisations such as banks.

Agents from GCHQ, MI5, NSA and FBI are already working in the US division of the “cyber-cell”, and a similar arrangement is expected in the UK.

"We have got hugely capable cyber-defences, we have got the expertise and that is why we should combine as we are going to, set up cyber-cells on both sides of the Atlantic to share information," Cameron told the BBC on Friday.

These cyber “war games” will be conducted by the British and US intelligence agencies to test their resilience against cyber-attacks, with the PM and President to announce that the first simulated attack will be set up later this year at City of London and Wall Street banks.

The war game against the financial sector will be done in co-operation with the Bank of England, which has won high praise in the past for its series of ‘Waking Shark' cyber-exercises.

James Chappell, founder and CTO of cyber-intelligence firm  Digital Shadows, said that the move was ‘exciting news, a great opportunity for collaboration' and believes that it could be an opportunity to ‘piggy back' off existing schemes, such as the CBEST pen-testing exercise in the UK.

“I think that collaboration can only help from a cyber-security perspective. It's well known that there's been collaboration between the agencies and that's happened for some time.”

Asked what the agreement could entail, he added: “I think it's around professionalism – getting the best from both countries and improving how industry can work together. At this time, the collaboration shows the maturing approach to security.”

However, Chappell – whose firm Digital Shadows was one of the 12 companies to join Cameron on the trip – warned that, despite the recent terrorist attacks in France, cyber and terrorist attacks can be very different things.

“The physical and virtual worlds are more connected than they've ever been before, and the agencies are responsible for both of these areas. In my experience as a cyber-security professional, I think the lines are blurring to some extent.

“We've got to be careful not to over-inflate some attacks and compare them to what happened in Paris. But at the same time we do leave a digital footprint, and some of it is relevant from a security and risk perspective. You can learn more about your adversary by observing your adversary.”

Stuart Murdoch, CEO of Surevine – an open-source social software provider, also on the delegation, added in an email to SC: "Greater collaboration between the UK and US is crucial to successfully detecting and combating cyber-threat. We need solutions that help create greater communication across all borders; between countries, industries and organisations. The Cyber-Security Information Sharing Partnership (CISP) platform is one example of such collaboration, helping companies form a united front against hackers, and share information securely about the nature of cyber-attacks."

Mark Brown, executive director in cyber security & business resilience at EY, added:Co-operation between the UK and US on increasing cyber-skills is a significant milestone in tackling these threats. A real area of immediate concern lies with the lack of cyber-professionals who are equipped to deal with and manage the risks. Both government and business cannot be blasé about the potential dangers posed by cyber-criminals and need to be able to respond with equally-matched cyber-expertise.”

Andy Settle, chief cyber-security consultant and head of practice, at Thales echoed Chappell's earlier comments that the UK and US have been in regular contact on cyber-security.

“Whilst the government‘s intent is to engage in active steps with its allies to ensure the health of Britain's IT infrastructure, this type of collaborative cyber-conflict simulation has been a regular occurrence between the UK and the US for nearly ten years,” he told SC. “US exercises, such as 'Cyber Flag' and 'Cyber Guard' which take place every year, have been a crucial factor in developing qualified responses to cyber-attacks.” 

But he added: “The threat of cyber-warfare and cyber-terrorism has become much more apparent to the general public over the past couple of years, with the attacks on Sony's computer amassing a staggering amount of attention. However, many still struggle to imagine how cyber-conflict could wreak the same havoc as traditional, conventional war. 

“But as former director of national intelligence, Mike McConnell noted, cyber-war has the potential to mirror the doomsday nuclear threat – less in the physical sense, but in terms of the potential economic and psychological effects.” 

Sean Mason, VP of incident response at Resolution1Security, believes that the partnership is good for the US. “In the classified space, for years we have been sharing cyber-intelligence with what is known as "Five Eyes", but I have never seen anything of major importance done publicly. From a US perspective, I think it is a significant step in the right direction to begin openly partnering across the globe with other like-minded nations, as the cyber-threat is borderless. Considering how targeted threats are these days, and Obama's recent strive towards more public-private intel sharing, I would expect the US's cyber intelligence to become more robust over time with this partnership."

Cameron is due to meet Obama for a second time today where is expected to ask for the President to apply more pressure on Facebook and Twitter to co-operate more with intelligence agencies.

He could find himself in a tricky situation regarding encryption though; the Prime Minister hinted earlier this week that end-to-end encryption is detrimental to catching terrorists, only for a secret US government report to come to light, indicating that the White House believes that faster roll-out of encryption is necessary.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews