UK to develop offensive cyber capability

By Alex Stevenson

Britain’s military will develop offensive cyber capabilities, understands.

Whitehall sources had indicated at the time of the strategic defence and security review’s launch last month that Britain was not prepared to develop offensive cyber operations.

Now has learned the military is expected to integrate cyberspace capabilities into future offensive operations, however.

The Ministry of Defence refuses to publicly acknowledge it plans to develop offensive cyberspace outcomes.

Many of Britain’s concerns with cybersecurity focus on asymmetric threats, in which criminals, terrorists and states use a range of means to target government departments, financial institutions, businesses and communications infrastructure.

But the concept of ‘cyberwarfare’, in which state-on-state conflict sees military interventions in cyberspace in a bid to cripple the enemy’s land, sea and air power, opens up the possibility for offensive developments.

Earlier this week armed forces minister Nick Harvey hinted at the possibility in a speech to the Chatham House thinktank.

“Actions in cyberspace form part of the battlefield rather than being separate to it,” he said, adding that he expected the future “integration” of cyber and physical attack capabilities.

“We still live in a physical world – so physical capabilities will never be replaced,” Mr Harvey said.

“But they should be supplemented by cyber capabilities which will give protection where necessary and greater flexibility where required.”

The strategic defence and security review allocated £650 million of new investment over the next four years, to be spent on a number of measures including the establishment of the new UK Defence Cyber Operations Group.

This group will be responsible for “developing, testing and validating cyber techniques as a complement to traditional military capabilities”, Mr Harvey added.

“There is much to learn and develop in this area. It will take time to understand fully the threats and opportunities.”

It has not yet been decided how this money will be spent, however.

Experts have pointed out that developing offensive cyber capabilities is unlikely to have a deterrent effect on other states because attribution of cyber incidents remains uncertain, as the recent Stuxnet attack showed.

A report due out from the Chatham House thinktank next week is expected to underline the government’s thinking on the issue, however.

“Warlike actions in cyberspace are more likely to occur in conjunction with other forms of coercion and confrontation,” it will say.

The report will argue that cyberspace should be viewed as the ‘fifth battlespace’, alongside land, air, sea and space.

“Cyber warfare is best understood as a new but not entirely separate component of this multi-faceted conflict environment,” it explains.

Cybersecurity was elevated to the top tier of threats facing Britain’s security in the national security strategy published before the complete defence review.

The strategy cyber issues on the same level as terrorism, small-scale warfare and natural disasters. The head of GCHQ recently warned the government is receiving 1,000 deliberate malicious attacks via email every month.