Financial Times Defense and Diplomatic Editor James Blitz reports in an article dated October 13, 2010, that Iain Lobban, head of the British Government's "secretive listening post" known as GCHQ, has delivered the first ever speech from a serving director. The subject: cyberwarfare capabilities.
Although he would not say whether GCHQ was developing offensive cyberwarfare capabilities, Lobban stressed that "'it may be possible to use military cybercapabilities for deterrent effect.'"
In his speech, Lobban qualifies the scope of such deterrence; "A casual parallel with nuclear deterrence and Mutually Assured Destruction is clearly wrong – because small scale but significant [c]yber attacks happen every day. When it comes to these incidents . . . we will need to have rapid and robust ways of working with allies."
According to the article, since "the recent discovery of the [S]tuxnet worm, which seemed to be aimed at destroying nuclear infrastructure in Iran, western governments have become concerned that such a weapon could be deployed against them" (emphasis added).
Lobban confirmed as much in his speech, when he said "the threat is a real and credible one." In a speech containing few concrete details, Lobban did provide a few numbers, which seem to support his assertion of a real and credible threat.
"It is true that we have seen worms cause significant disruption to Government systems – both those targeted deliberately against us, and those picked up from the Internet accidentally. There are over 20,000 malicious emails on Government networks each month, 1,000 of which are deliberately targeting them."
Speaking on the use of offensive cyberwarfare, Lobban stated that "It is true that we have seen the use of [c]yber techniques by one nation on another to bring diplomatic or economic pressure to bear."
Also worth noting were Lobban's remarks on future strategic developments.
"Perhaps 80% of what we need to do is stuff we already know how to do – getting the basics of Information Assurance right will itself raise the bar for malicious activity. But 'patch and pray' will not be enough. At the national level, getting the rest of [c]yber – the more difficult 20% – right will involve new technology, new partnerships, and investment in the right people."
***
For the full text of the article, click the link provided above, or here. The full text of Iain Lobban's speech was released for distribution at 0001 hrs., October 13, 2010. A PDF is available for download here.
Leave a Reply