The Ministry of Defence is aiming to increase its online intelligence gathering in a growing realisation of the threat to the UK from international cybercrime activity.
Air Commodore Graham Wright, a senior information professional from the Ministry of Defence said it is placing great focus on analysing the internet threats to the UK and being able to compromise the data of enemy countries.
"Computer Network Defence is something we take a great deal of interest in. There is a huge shift towards holding information on networks," Wright told a conference in Westminster yesterday organised by the government-funded Cyber Security Knowledge Transfer Network.
"As adversaries are holding information on networks, we need to be able to exploit that data. The question is: can we get into [others'] defence networks and attack them in some way? To understand the military network requires a huge intelligence piece now."
But Wright, a senior figure from the MoD's directorate of targeting and information operations, warned that it is often too difficult to work out who the enemy is.
"Sometimes the attribution of the attack is very difficult: the difficulty to [track people who] operate through proxies and botnets," he said. "You don't have the intelligence - is it a 14 year -old hacker in its bedroom? Is it military, political, financial?"
The Air Commodore told delegates at the conference that not every weakness could be protected. "Just because there is a vulnerability doesn't mean someone will exploit it. We need to analyse the risk," he said.
Wright downplayed the risk faced from China, where it is thought 100,000 people might be working as part of an online defence force. "The Chinese concept is a difficult one," he said. "What is their intent? Do they wish to exploit the information they're attacking? Much of what they have done is in the unclassified areas of networks.
"The question for us is how much do we need to invest in that? Where do we invest in preventing people stealing from our networks, and how much in attacking things that might attack you? The scale [of the Chinese operation] doesn't always portray the risk."
He also rejected calls from one delegate for a dedicated cybersecurity force like the Chinese operation. "A year ago, I might have agreed with you. I don't necessarily agree now," he said, saying the MoD must be careful not to "stovepipe" its operations.
Wright outlined how the MoD is now trying to use increasing amounts of publicly available information from the internet - so-called open source intelligence - as part of its operations. Referring to a logo of the Sun newspaper in his presentation, he said: "Open source intelligence is something we must expand. The intelligence we get from blogging..."
But he raised a few laughs with his evaluation of the importance of human factors in securing information.
In an apparent reference to the civil servant who left top secret documents on a London commuter train on Tuesday, he said: "Some of Computer Network Defence is security based, some of it is 'Don't leave things on trains'.
"We have a very small team. We would like to have more capability," he added.
See original article on scmagazineus.com