Countering new cyber threats

The UK government will be investing nearly £3 billion in cyber and legacy IT over the next three years. 

According to the UK’s National Cyber Strategy 2022, the threats we face in and through cyberspace have grown in intensity, complexity and severity in recent years. Cyber-attacks against the UK are conducted by an expanding range of state actors, criminal groups (sometimes acting at the direction of states or with their implicit approval) and activists for the purpose of espionage, commercial gain, sabotage and disinformation. 

Such attacks cause significant financial loss, intellectual property theft, psychological distress, disruption to services and assets and risks to the UK’s critical national infrastructure, democratic institutions and media. They can also damage investor and consumer confidence and amplify existing inequalities and harms. 

Indeed, report notes, during the COVID-19 pandemic the shadow pandemic of gender-based violence was compounded by online attacks. And as well are all well aware, ransomware attacks continue to become more sophisticated and damaging. While the overall level of cyber threat from hostile actors during the COVID-19 pandemic has remained constant, they have exploited it as an opportunity and shifted their cyber operations to steal vaccine and medical research, and to undermine other nations already hampered by the crisis. 

The growing dependence on digital technologies for remote working and online transactions has also increased exposure to risks. Alongside this, digital divides have also created uneven access to online services and exposed people to online abuse and harms due to limited digital literacy and awareness of the cyber security measures we can all take to stay secure online.

Drivers of change 

The UK government suggests that the coming decade will see the continued rapid expansion of data and digital connectivity to almost every aspect of our lives. Huge global growth in Internet access and usage, underpinned by data and  the infrastructure upon which data
use relies, is creating new markets and increasing convenience, choice and efficiency. 

But it also makes countries much more dependent on interconnected digital systems, providing more opportunities for malicious activity and significant ‘real-world’ impact. As critical and non-critical technologies continue to converge across sectors these risks are spreading to new areas of our economy, and the movement  of data and services into the cloud – and often out of the UK – is further increasing the nation’s exposure:

“We are increasingly seeing the interaction of established businesses in regulated sectors, such as telecoms and energy, with new and largely unregulated businesses, such as those providing microgeneration, electric vehicle charging or ‘connected places’ capabilities. Critical infrastructures will become much more distributed and diffuse and this fundamentally changes how regulation will impact the security of the critical functions and services we rely on. This diversification will also affect our wider national security, making it more difficult to gain access to information whether for law enforcement or cyber security. This change in environment will also affect products and services more widely outside of our traditional critical national infrastructure.”

“This increasingly complex landscape will make it even harder for states, businesses and society to understand the risks they face and how they can and should protect themselves. Increased dependency on third party suppliers of managed services, which often have privileged access to the IT systems of thousands of clients, is creating new risks that need to be addressed.”

“Devices and networks will increasingly be connected to the internet as standard, extending cyberspace to our homes, vehicles, built environment and industrial infrastructure. Sensors, wearables, medical devices and biometrics will further blur the boundary between offline and online activity. Cyber risks will become pervasive, increasing the volume of personal and sensitive data generated and the potential impact if systems are breached.”

Evolving risks

Against this backdrop, the report suggests, threats in cyberspace will continue to evolve and diversify as high-end cyber capabilities become commoditised and proliferate to a wider range of states and criminal groups. The number of actors with the ability and intent to target the UK in cyberspace will increase and states will employ a wider range 

of levers to conduct disruptive activity, including the use of proxy actors. 

The accelerated transition to hybrid working and restrictions on international travel resulting from the pandemic have led to greater reliance on digital services and incentivised organised crime groups towards cyber-crimes. Naturally, this challenge will not be unique to the UK, creating mutual vulnerability for all those who rely on cyberspace. 

Indeed, it suggests, cyberspace will become more contested as state and non-state actors seek strategic advantage in and through cyberspace. Cyber operations will become increasingly important to power projection below the threshold of armed conflict and in pre-conflict situations. Future conflicts will also  see an increase in the use of cyber capabilities. For the UK to act effectively we will require higher levels of cyber resilience in our defence capabilities. Cyber operations will need to be integrated with other force elements to defeat threats and enable wider defence activity. 

The five pillars of the UK’s cyber strategy 

Pillar 1: Strengthening the UK cyber ecosystem, investing in our people and skills and deepening the partnership between government, academia and industry 

Pillar 2: Building a resilient and prosperous digital UK, reducing cyber risks so businesses can maximise the economic benefits of digital technology and citizens are more secure online and confident that their data is protected 

Pillar 3: Taking the lead in the technologies vital to cyber power, building our industrial capability and developing frameworks to secure future technologies 

Pillar 4: Advancing UK global leadership and influence for a more secure, prosperous and open international order, working with government and industry partners and sharing the expertise that underpins UK cyber power 

Pillar 5: Detecting, disrupting and deterring our adversaries to enhance UK security in and through cyberspace, making more integrated, creative and routine use of the UK’s full spectrum of levers