Britain plans cyber strike force - with help from GCHQ

http://www.theguardian.com/uk-news/defence-and-security-blog/2013/sep/30/cyber-gchq-defence

Version 0 of 1.

In a surprising, and what seemed gratuitously provocative, move ahead of the Tory party's conference, Philip Hammond, the defence secretary, declared that Britain was developing the capability to mount cyber attacks against other countries.

Britain, he said, "will build a dedicated capability to counter-attack in cyber space and, if necessary, to strike in cyber space as part of our full-spectrum military capability". Hundreds of computer experts will be recruited as reservists, trained with the help of GCHQ's Joint Cyber Unit at Cheltenham.

Hammond's announcement surprised and puzzled people inside and outside government. Why announce a new capability at a political party conference letting the world know you are going to have a new, hugely controversial, weapon that you have spent years accusing hostile countries of using surreptitiously?

British ministers have not publicly named any countries partly because it is so difficult to prove who exactly are behind cyber attacks, though privately officials point the finger at Russia and China.

Hammond told Tory party delegates on Sunday at their Manchester conference: "Simply building cyber defences is not enough: as in other domains of warfare, we also have to deter. Britain will build a dedicated capability to counterattack in cyberspace and if necessary to strike in cyber space."

Thomas Rid, reader in the department of war studies at King's College London questioned Hammond's claims.

How exactly do you deter?

In cyber space, you have to penetrate a target before you can attack it, so to deter you have to attack first.

Referring to Hammond's claims that you deter people by having an offensive capability, Rid told the Guardian: "This is not the case in cyber security".

He added: "Building a cyber weapon means attacking first. Building an offensive capability requires knowing the target first, in detail, including unique configurations of industrial control systems — known as SCADA. Knowing the target requires penetrating the target first, through aggressive probing for intelligence. The effect is escalation, not deterrence."

Rid added: "Code doesn't explode on its own — an attacker has to weaponise the target: crash a plane, stop a power plant, cause a blackout. This means that a bespoke piece of attack code has to be designed for every single automated target. That is difficult."

Rid is author of Cyber War Will Not Take Place, in which he argues that the focus on war and winning distracts from the real challenge of cyberspace — namely, that non-violent confrontation could rival or even replace violence in surprising ways .

He told the Financial Times on Monday: "Why make plans for a cyber strike force public now? Such aggressive statements can be counter-productive. Other actors will want to react in kind, making everybody less secure."

Hammond told the Mail on Sunday newspaper that clinical "cyber strikes" could disable enemy communications, nuclear and chemical weapons, planes, ships and other hardware. "Our commanders can use cyber weapons alongside conventional weapons in future conflicts," he said.

Why did Hammond trumpet the cyber strike initiative? There are many possible answers. Shashank Joshi of the Royal United Services Institute thinktank pointed to some — "as a means of deflecting political anger over cuts to conventional capabilities; as a deterrent message to the UK's adversaries in cyberspace, and as an attempt to convey to the public the scale of the challenge faced by Britain in this area".

(But on his point about deterrence, see Rid's point above.)

Joshi suggests Hammond's move, with its associated risks of spurring on and legitimating the capabilities of adversaries, losing the moral high ground, and being accused of "militarising" cyber space, was the result of "a carefully calibrated policy decision".

And it has one other attraction — the need to attract badly-needed recruits in what is described as a crucial area, not least for GCHQ, at the centre of (as far as the government is concerned) unwelcome publicity over the mass surveillance of communications leaked to the Guardian.

All this may help to explain the Ministry of Defence rhetoric, its references to attracting individuals to the reserves (it is desperate to do so). "The Cyber Reserves will be an essential part of ensuring we defend our national security in cyberspace. This is an exciting opportunity for internet experts in industry to put their skills to good use for the nation...", says the MoD, which also refers to the defence budget "being invested in high-end capabilities such as cyber and intelligence and surveillance assets to ensure we can keep the country safe".

Our editors' picks for the day's top news and commentary delivered to your inbox each morning.