UK BattlesTargeted Cyberattacks

UK government officials have come under sustained and targeted attack from malware in recent months, Foreign Secretary William Hague has confirmed in a speech at the Munich Security Conference.

The alarming developments included a campaign to get the Zeus information-stealing Trojan onto the government computers using an e-mail that appeared to originate with the White House to an attack on the a Trident nuclear submarine defense contractor.

A third e-mail attack from a hostile intelligence agency contained a PDF that could have compromised PCs used by staff had it been allowed to execute.

The picture built by Hague was of British Government that was now routinely under attack from state-of-the art malware built specifically to attack its infrastructure.

In all cases, security detected the attacks in time to stop them compromising security, Hague said, despite the fact that many of the malicious e-mails appear to have evaded initial filtering.

"Our experts were able to clear up the infection, but more sophisticated attacks such as these are becoming more common," Hague was quoted as saying.

Separately, the EastWest Institute think tank issued a report that has called for ground rules to be agreed upon by countries conducting cyber-espionage. A key argument is that cyberwar is a form of conflict that falls between current definitions of war and peace, a sort of perpetual conflict that could be open to misinterpretation and overreaction.

It might also be necessary define neutral zones to protect elements in cyberspace that have an impact on civilians.

Its not a million miles away from an idea put forward by Bruce Schneier that the U.S., its allies and rivals should establish cyberdefence hotlines to improve communication as a prerequisite to creating a set of treaties that govern how countries behave in the online world.

A key element of the U.K. strategy is the European Union cyber security plan which will look, among other things, to harmonize policing and cybercrime laws.

Subscribe to the Security Watch Newsletter

Comments