Britain to get official cyber attack dogs

The UK government has announced that it is to form a cyber security agency, one of whose functions will be to develop a cyber attack capability.

The Office of Cyber Security (OCS), dedicated to protecting Britain's IT infrastructure, will be created in line with a model proposed - and in part practised by - the US, the Cabinet Office said on Thursday.

The OCS will have charge of a cross-government programme of work, while a multi-agency Cyber Security Operations Centre (CSOC), based at GCHQ in Cheltenham, will co-ordinate the protection of critical IT systems.

As well as cyber defence and cyber attack co-ordination, the OCS will act as a conduit for information security collaboration between government and industry experts.

Robert Hannigan, the prime minister's security adviser, said the OCS would be about "drawing together what people are already doing in the Ministry of Defence, the intelligence services and the police".

The government has never admitted that it has the systems and personnel to launch a cyber attack. However, according to a senior government official, who wished not to be named, the OCS will have a role in co-ordinating cyber-offence capabilities that will build on the resources the government currently has.

In extreme cases, the government will launch a cyber attack in response to intrusions into the UK's own systems. "Yes, we will do things proactively," the Whitehall official said at a Cabinet Office press briefing. "Information assurance has been about building stronger walls, but there's only so much you can do. You come to a point when you are allowing criminals and others a low risk in continuing to attack, and there comes a time when that has to change. This is the first time we are saying publically we are not going to sit back."

The government will develop information systems to allow it to launch denial-of-service attacks and to spy on chosen targets, said the official. "We will have a whole range of offensive capabilities, including distributed denial-of-service," said the official. "DDoS is not a first response - we definitely need graduated responses."

"Aggressive attacks are pretty far up the scale, and we want to avoid collateral damage as far as possible. It's a fine line. We don't want to get into cyber-warfare but it's not reasonable to sit back," the official added.

The Cabinet Office official said the government would try to respond to attacks on UK systems by recourse to the law: "Whenever we can, we will pursue criminals through legal frameworks, but that only works in some countries. Clearly, in other areas of the world, people are acting with impunity."

The threat of cyber-warfare among countries was highlighted by the May 2007 attacks on the Estonian national infrastructure. Further attacks, on countries such as Georgia, have strengthened the government's resolve to address IT security issues.

The model for the OCS is similar to that in the US, which plans to quadruple the number of security experts defending against cyber attack, while cyber-offence capabilities are currently under the aegis of the US Air Force. The Pentagon will create a cyber-command to oversee US cyber-military efforts.

The OCS will come under protection of the Cabinet Office and will report to the National Security Secretariat in that office. No director has been named for the department.

The office will pool intelligence capabilities from MI5, MI6, the Ministry of Defence, the Metropolitan Police Central e-Crime Unit, and the Serious Organised Crime Agency.

Other government agencies involved include the Department for Business, Innovation and Skills; the Central Sponsor for Information Assurance; CESG, the information-assurance arm of GCHC; and the Centre for the Protection of National Infrastructure.

The OCS will launch with a staff of 16 to 20, while the CSOC in Cheltenham will have 20 to 25. "We will start small and learn from initial US attempts [to build a cyber-security department]," said a Cabinet Office official. "We want to establish a core team."

The government will also reach out to industry to create a pool of IT security expertise, given the scale of the task of securing UK public and private sector IT infrastructure. A key priority for implementing the strategy will be to develop a cyber-industry with "opportunities for high-tech businesses in the UK", according to a government statement.

In addition, the OCS plans to launch a cyber-skills strategy to address skills gaps in government and industry, and work with other countries to develop international law in that area.

The OCS will seek to strengthen links with countries, such as the US, and develop links with other European partners like Germany and France. The PM's adviser Hannigan said cyber security collaboration with Nato is in the early stages, but that work is planned to build channels of communication with the European Network Security Agency.

Original article: UK launches dedicated cyberattack agency from ZDNet UK