Reference Library – Security News
Belgian soldiers stand guard outside Brussels’ Central railway station | Philippe Huguen/AFP via Getty Images
Also on Europe s front pages: France boosts its attractiveness and UK hosts another royal wedding.
1/23/18, 8:51 AM CET
Die Welt and S ddeutsche Zeitung focused on German President Frank-Walter Steinmeier s take on the coalition talks between the Social Democrats and Angela Merkel s conservatives . Europe, he said, is waiting for a German government that can bring peace and order back to crisis regions in this world, Die Welt reported2 . Frankfurter Allgemeine led with the joint message of Chancellor Angela Merkel and French President Emmanuel Macron, in which the two leaders announced their intention to work together more closely.
Le Figaro reported on Justice Minister Nicole Belloubet being forced by trade unions to tackle overpopulation and radical Islamic conversion in prisons . Lib ration and Le Monde looked at Macron s decision to welcome foreign investors at Versailles to show off the country s boost in foreign investments over the last five years. According to Lib ration3, the event said as much about the attractiveness of the French economy as it did about the head of state s talent for setting a scene.
De Tijd reported that foreign companies are creating a record number of jobs in Flanders, and De Standaard s front page looked at the controversial issue of funding local health centers4 . On the terror threat level in Belgium being lowered5 to unlikely, Le Soir s headline read: The threat fades, security stays, referring to government plans to keep soldiers on patrol in Brussels streets.
The British press had another royal engagement to occupy front pages this morning, as Princess Eugenie announced that she will marry her long-term boyfriend Jack Brooksbank at Windsor Castle in the fall . Comparisons to Prince Harry and Meghan Markle, who will marry there in May, were common, with the Daily Metro s headline reading: Anything Meghan can do
In political news, the Guardian reported on the head of Britain s National Security Centre warning that it s only a matter of time until Britain suffers a major cyberattack . The Times reported that Foreign Secretary Boris Johnson is urging the prime minister to greenlight a 5 billion annual cash injection into the National Health Service.
Related stories on these topics:
Exclusive: Ciaran Martin says Britain fortunate so far to avoid major, crippling attack
Baumgarten via Getty Images
The head of the UK s National Cyber Security Centre1 has warned that a major cyber-attack on the UK is a matter of when, not if , raising the prospect of devastating disruption to British elections and critical infrastructure. In remarks underlining newly released figures showing the number of cyber-attacks on the UK in the last 15 months, Ciaran Martin said the UK had been fortunate to avoid a so-called category one (C1) attack, broadly defined as an attack that might cripple infrastructure such as energy supplies and the financial services sector. The US, France and other parts of Europe have already faced such attacks.
Interference in elections would also constitute a C1 attack, as would a deliberately provocative move by a hostile state. During an hour-long interview with the Guardian, Martin said he anticipated such an attack in the next two years . I think it is a matter of when, not if and we will be fortunate to come to the end of the decade without having to trigger a category one attack, he said. He admitted total protection was impossible . Some attacks will get through .
What you need to do at that point is cauterise the damage, he said. Martin was speaking last week before a speech on Monday by the chief of defence staff, Sir Nick Carter, in which he highlighted the growing threat posed from cyber-attacks2, in particular from Russia, both on the battlefield and on civilian services. The NCSC, which is the front window for the government surveillance agency GCHQ, has been gradually building defences and is due to publish shortly a 60-plus page dossier outlining what has worked and what has not since it opened for operations in October 2016.
The most serious cyber-attack on the UK so far was the WannaCry3 ransomware attack in May last year that disrupted hospitals4 . In spite of its impact, the attack was classified as only C2 rather than C1, partly because there was no risk to life.
Figures for cyber-attacks since the NCSC opened through to December last year underline the pressure building on the UK from hackers . The NCSC recorded 34 C2 attacks, with WannaCry the most disruptive of these, and 762 slightly less serious C3 ones.
Most comparable western countries have experienced what we would consider a category one attack so we have been fortunate in avoiding that to date, said Martin, who is chief executive officer at the NCSC and former director general for cyber-security at GCHQ. Among serious breaches elsewhere are the hacking of the US Democratic party in the run-up to the 2016 White House election and an attack on a French television station in 2015, both blamed on Russia. The NCSC, as part of its preparations against similar attacks, has been advising key departments and companies on vulnerabilities while intelligence agencies monitor potential hackers .
There is also an emergency response team on constant standby. Martin said one of the biggest lessons from 2017 was to fear reckless as much as controlled attacks . He considered WannaCry, which was blamed on North Korea, as an example of an attack in which the perpetrator loses control.
What we have seen over the past year or so is a shift in North Korean attack motivation from what you might call statecraft disrupting infrastructure through to trying to get money through attacks on banks but also the deployment of ransomware, albeit in a way that didn t pan out in the way the attackers wanted to.
As well as North Korea, intrusions have been blamed on Russia, China and Iran . Some of these, Martin said, were espionage-based, scouting out vulnerabilities in infrastructure for potential future disruption . Although the UK signed a treaty with China in 2015 not to engage in cyber-attacks for commercial gain, espionage was left out of the treaty.
What we have seen from Russia thus far against the UK is a series of intrusions for espionage and possible pre-positioning into key sectors but in a more controlled form of attack from others, he said.
The UK has publicly acknowledged its growing cyber-offensive capabilities . Martin, while saying it was a matter not for him but GCHQ and the Ministry of Defence, said: Offensive cyber will be an increasing part of the UK s security toolkit. But he cautioned against assuming a cyber-attack from another state would trigger a retaliatory cyber-attack, saying there were a range of responses from diplomatic pressure through to sanctions and indictments. The Trump administration has raised the prospect of using nuclear weapons5 in response to a major cyber-attack.
Martin said he had not seen any successful attempt to interfere in the UK democratic process . The political parties had originally been suspicious about taking advice from an organisation linked to the intelligence agencies when the NCSC first opened.
When Theresa May called the UK general election in April, much of that reticence disappeared, Martin said, possibly because of the experience in the US and France.
The main parties in the House of Commons did ask for and did receive guidance on the sort of threats they were likely to face and we worked with each of them, Martin said. Cyber-attacks appear to have made electronic voting less likely in the near future . With the current state of high alert around elections, I think it make sense that there are not any current plans to move to electronic voting, Martin said.
Electoral security is one of the areas in which the the NCSC is working closely with European Union counterparts. In spite of reports of concerns over security cooperation post-Brexit, 6Martin insisted: There is significant momentum in Europe to get the European cybersecurity across the whole continent on a stronger footing and that is great.
Among challenges facing Martin, he identified encouraging more girls to consider engineering and computing as a career .
Of the NCSC s 700-strong workforce, only 32% are female, though half of the roughly 20 senior management posts are held by women.
- ^ National Cyber Security Centre (www.ncsc.gov.uk)
- ^ he highlighted the growing threat posed from cyber-attacks (www.google.co.uk)
- ^ WannaCry (www.theguardian.com)
- ^ disrupted hospitals (www.theguardian.com)
- ^ using nuclear weapons (www.theguardian.com)
- ^ In spite of reports of concerns over security cooperation post-Brexit, (www.theguardian.com)
Cyber security is to come under the spotlight as police demonstrate a live hack to encourage businesses to protect themselves. The safety of the online world is a hot topic with threats from hackers, criminals, activists, terrorists and even disgruntled employees who target vulnerable firms. Now the North East Cyber Crime Unit (NERSOU) has teamed up with local police forces to host cyber breakfasts in a bid to urge businesses to protect themselves against the growing menace of cyber-crime. Detective Sergeant Martin Wilson from NERSOU, said: North East businesses are underprepared when it comes to cyber threats, with many having no contingency plans in place for a crisis.
Whilst it is easy enough to recognise an insecure window or an unlocked door, it is not always as easy to spot that your computer system has been compromised. The purpose of these breakfasts is simple, we want to show businesses how they can be vulnerable to a cyber-attack by demonstrating a live hack with the help of Waterstons, an IT consultancy based in Durham. “This may all sound like doom and gloom but it is not, we can give you the support to defend against these hacks and are offering a free vulnerability assessment service, which can give you an overview of your ICT weaknesses so you can fix them before cyber criminals find them. The free events will take place across the region in Durham City, Darlington and Barnard Castle and it will be a chance for businesses to speak to experts in cyber-crime and enable organisations in the North East to come together to share their experiences and learn from best practice. Cyber-crime has been on people s radars for a while now but it is still an evolving global threat and attacks are incredibly disruptive . It is a growing part of the workload of policing in UK, said DS Wilson whose team has recently expanded to deal with these type of crimes.
We are a dedicated team of detectives here to protect businesses and members of the public, he added. The events are free to attend but tickets are allocated on a first-come first-served basis. Please follow the Eventbrite link for tickets
1A full list of events across Northumbria, Durham and Cleveland below: NORTHUMBRIA
Wednesday 7th February 2018 08:30 10:00 St . James’ Park, Barrack Road, Newcastle upon Tyne, NE1 4ST
https://www.eventbrite.co.uk/e/cyber-breakfast-tickets-41940751918 Friday 16th March 2018 08:30 10:00 Stadium Of Light, Sunderland, SR5 1HX
https://www.eventbrite.co.uk/e/cyber-breakfast-tickets-41940869269 DURHAM Friday 23rd February 2018 08:00 10:00
Darlington Mowden Park RFC, The Northern Echo Arena, Neasham Road, Darlington, DL2 1DL https://www.eventbrite.co.uk/e/cyber-security-business-breakfast-tickets-42037482241
Friday 2nd March 2018 09:00 11:00 TCR The Hub, Shaw Bank, Barnard Castle, DL12 8TD https://www.eventbrite.co.uk/e/cyber-security-business-breakfast-tickets-42036645739
Friday 23rd March 2018 08:00 10:00 The Durham Centre, Belmont Industrial Estate, Durham, DH1 1TN https://www.eventbrite.co.uk/e/cyber-security-business-breakfast-tickets-42036790171
CLEVELAND Thursday 8th February 2018 08:30 10:00 Fusion Hive, North Shore Road, Stockton, TS18 2NB
https://www.eventbrite.co.uk/e/clevelands-cyber-business-breakfasts-tickets-42077408662 Tuesday 20th February 2018 08:30 10:00 Redcar & Cleveland College, Corporation Road, Redcar, TS10 1PA
https://www.eventbrite.co.uk/e/clevelands-cyber-business-breakfasts-tickets-42078503938 Tuesday 6th March 2018 08:30 10:00 National Museum of the Royal Navy, Maritime Avenue, Hartlepool, TS24 0XZ
https://www.eventbrite.co.uk/e/clevelands-cyber-business-breakfasts-tickets-42078982369 Thursday 29th March 2018 08:30 10:00 Riverside Stadium, Middlesbrough, TS3 6RS