UK National Information Security Programme

Main article: Cybercrime and cyber conflicts: Europe

Cyber ​ ​ war with Russia

• Cyber ​ ​ war of Russia and Great Britain

2022: US and UK agree on mutual access to cloud storage 'to combat terrorists and smugglers'

On October 5, 2022, it became known that the United States and the United Kingdom began implementing an agreement on access to data, which, according to them, will help law enforcement agencies in both countries fight terrorism and smuggling. Read more here.

2021: Britain unveils billions worth of national cyber strategy

On December 15, 2021, the UK government published its new National Cyber ​ ​ Strategy, which defines how the state will strengthen its position as a global cyber power.

The strategy builds on significant progress made in cyberspace since 2016, which has seen the cybersecurity sector in the UK grow rapidly. In 2020, more than 1.4 thousand companies received income in the amount of £8.9 billion, provided 46.7 thousand skilled jobs and attracted significant foreign investments.

As part of the strategy, the government calls on all sectors of society to play their part in strengthening the UK's economic and strategic advantages in cyberspace. Aligning the cyber sector across all UK regions, expanding offensive and defensive cyber capabilities and a top cyber security priority in workplaces, boardrooms and digital supply chains.

Britain published billions worth of national cyber strategy

The government is announcing a new online learning platform, Cyber Explorers, which will teach young people cyber skills in classrooms. The platform is taking steps to improve cyber worker diversity with a new adult program that will ensure people from all walks of life have access to these highly skilled and priority jobs. In addition, the Queen approved the Royal Charter for the UK Cyber Security Council, which will help improve cyber careers and bring cyber workers in line with other professional professions such as engineers.

To promote growth and innovation in the UK cyber industry, the government is investing in Cyber Runway, which helps 107 innovators grow their businesses, with the majority of participating companies outside London. Funding for these growth and skills programmes will be refocused from large, often London-based initiatives to a regional model, which will mean more jobs and better opportunities for people across the UK.

This innovative strategy will help consolidate the UK's position as a leading cyber power and provide people across the country with the knowledge and skills necessary to ensure internet security. It's great news that the UK Cybersecurity Council's Royal Charter application has been approved and we will continue to work closely with the sector to inspire the next generation to consider careers in cyberspace, "said Media, Data and Digital Infrastructure Minister Julia Lopez.

The strategy also sets out the government's plan to ensure the safety of citizens in cyberspace and combat cybercrime by:

• Strengthening law enforcement with significant funding so they can strengthen the fight against criminals;
• Increased investment in the National Cyber Force, which represents the UK's offensive capability to counter, disrupt, degrade and combat those who could harm the UK and its allies;
• Expanding the research capabilities of the National Cyber Security Centre, including a new applied research centre in Manchester;
• Implementation of the Product Safety and Telecommunications Infrastructure Bill to ensure compliance with minimum safety standards in all new consumer smart products;
• Investment in public sector cybersecurity to ensure that key public services remain resilient to evolving threats and can continue to provide services to citizens who need them.^[1]

2019: Internet companies in Britain forced to protect users from cyber threats

On April 8, 2019, the British government introduced, as it claims, the world's first online security rules. They oblige Internet and technology companies to monitor customer information security and be responsible in the event of harm.

The new regulation, developed by Britain's Department for Culture, Media, Digital Industry and Sport (DCMS) and the Home Office, requires social media and other services to take "reasonable steps" to protect users from cyber threats. The latter include online bullying, the spread of misinformation and prohibited content, terrorism and various actions that are not necessarily illegal, but can cause serious damage.

Main articleIT market in Britain

2018: Britain creates cyber warfare to counter 'threats from Russia'

In September 2018, it became known about the creation by the British authorities of a special cyber unit that would counter threats from Russia and terrorist groups. It was decided to invest about £250 million in a new joint project between the British Ministry of Defense and the Government Communications Center (GCHQ).

The tasks of the new structure will include the fight against hackers, foreign agents and terrorists, as well as the search for an adequate response to the "Russian threat." According to The Times, the cyber military will include about 2 thousand specialists in military and information security services, as a result of which the country will quadruple its offensive potential in cyberspace.

London creates a unit to fight in cyberspace

According to the ex-commander of the Joint Command of the Royal Armed Forces, General Richard Barrons, introducing offensive cyber technologies, "we level the field of play and provide new ways to deter and punish countries that want to harm us." One of these countries, the general called Russia, which, according to him, "is already on the offensive."

Britain's activity in the virtual sphere could be another reason for increased tension in international relations with Moscow. Earlier, Russian President Vladimir Putin warned that some states are creating cyber warfare, with the help of which they intend to solve geopolitical problems.

The Russian authorities have repeatedly denied involvement in cyber attacks on Western countries, while urging Western partners to strengthen cooperation in this area. ^[2] 

In addition, about plans to create a hacker unit against the background of news that London first used cyber weapons in the fight against terrorists of the Islamic State, banned on the territory of the Russian Federation.

2017: Queen opens National Cyber Security Centre

In 2017, Elizabeth II will open the British National Cybersecurity Center, whose main task will be to counter cyber attacks by Russian hackers. The main mission of the structure is to counter cyber attacks by Russian hackers. Finance Minister Philip Hammond emphasizes that "cyber attacks are happening more and more often, causing more and more damage, and they are increasingly difficult to detect."

Great Britain Since 2016, it has been implementing a 5-year strategy cyber security that will cost the government £1.9 billion ($2.38 billion). The main threat is considered. Russia The finance minister and MI5 director promise to defend the kingdom with "retaliatory strikes"^[3] will be implemented in several stages. The first stage is the opening of a national cybersecurity center. At the second stage, it is planned to introduce at least 100 positions of specialists in (information security information security) in the new hub (the first hub has already been opened in) London

The UK government has allocated $2.3 billion to develop an information security strategy over the next five years. This was stated by Finance Minister Philip Hammond, who promised that everyone who attacks his country in cyberspace will receive a "retaliatory blow." At the same time, Andrew Parker, head of the MI5 intelligence service, said that Russia is a growing threat to UK security because it uses cyber attacks to threaten the kingdom's industry, economy and military power. Parker argues that Russia is "using all of its government agencies and agencies to pursue international policy abroad in an increasingly aggressive manner - including propaganda, espionage, sabotage and cyber attacks." The head of MI5 said that the work of his department is to counter such threats.

2015: Britain publishes cyber espionage rules for intelligence agencies

In February 2015, the UK government published a list of rules and requirements regarding the use of hacking technologies for computer systems and spy electronic equipment by intelligence agencies.^[4]

A draft directive called the Equipment Interference Code of Practice was unveiled by the British Home Office. This document describes the legal framework for the activities of local and foreign security agencies and intelligence services in dealing with computers, smartphones, servers and other electronic devices.

Britain publishes cyber espionage rules for intelligence agencies

As noted by the Internet publication ZDNet, it is no secret that British intelligence carries out surveillance using modern communications, but before the publication of the Equipment Interference Code of Practice, this activity was not publicly confirmed.

The requirements for intelligence agencies listed by the authorities fall within the framework of the fifth section of the Intelligence Service Act of 1994 (1994 Intelligence Services Act). The draft directives contain detailed information on when to obtain permits to organize surveillance, how representatives of the special services should behave in the event of espionage of an incorrect object, and how to deal with the information received - how to store and when to delete.

The materials also report that usually the official permission for covert monitoring of a person or company is designed for six months, but the deadlines can be extended if it is necessary to obtain additional information from objects that may be associated with the main object of surveillance.

British Home Secretary James Brokenshire noted that the code of practice lists the security measures used during intelligence activities in computer networks and other environments. According to the official, the government's work should be as transparent as possible, especially when it has the tools at its disposal to access and manage people's communications.

2014: Cost Structure for Information Protection in the British Government

On December 11, 2014, the government Great Britain released some data information security on the National Cyber ​ ​ Security Program, aimed at combating cybercriminals and protecting public interests. It became known where it is planned to spend money from the program budget, the annual volume of which exceeds 200 million pounds.^[5]

In 2015, most of the cash (around £93.2m) will be allocated to "strengthen the ability to lead a sovereign fight against big threats." This expense item involves financing the British intelligence service GCHQ (an analogue of the American CIA), which, as noted, stands guard over key networks of national importance. In 2015, GCHQ plans to share a lot of information about cyber threats with communication companies so that they can strengthen the protection of their networks.

File:Screenshot 2014-12-19 in 15.11.03.png

An estimated £30m from the National Information Security Programme will be spent on bringing in the defence department to tackle hackers. At the same time, the armed forces have their own programs (budget - about £500m) in the field of digital security.

In 2014, the UK government reported that hackers sponsored by the authorities of some countries managed to hack into a protected local network of the national level. The defense industry has long been a target for cybercriminals hunting for military secrets.

Other cost items of the government's anti-hacker programme are improved police response to cyber attacks (£29.1m) and public awareness (£21m).

The report also reports that 81% of large organizations and 60% of small companies have experienced illegal entry into their computer systems. The damage from such hacks ranged from 65 to 115 thousand pounds for small enterprises and 600-1150 thousand pounds for large businesses.

2011: Stuxnet worm accelerates UK cyber warfare preparations

A virus specially programmed to attack Iran's nuclear facilities and showing the power of cyber weapons that have reached a new "cold" mark is forcing Britain to reconsider its attitude towards cyber war.

On June 17, 2010, when Sergey Ulasen received an email from a dealer in Tehran about a problem with their computers annoying some customers, it became the actual day when open information about the Stuxnet virus appeared .

Ulasen did not know then that the damaged computers were among those used by Iranian scientists involved in uranium enrichment work as part of the country's nuclear program. The malware that disrupted their work turned out to be so damn smart that Iran blamed the United States and Israel for its development. And the virus itself received a new name - Stuxnet, which can go down in history as a cyber weapon that has changed the style of modern warfare.

Specialists from GCHQ (Government Communications Headquarters - one of the three intelligence agencies in the UK - approx. TAdviser), the Ministry of Defense and independent analysts agree: the complexity of Stuxnet is brilliant, probably, several people have been developing it for many years. Its appearance opened the eyes of governments of all states to the destructive possibilities of hidden attacks of a new type.

This virus was not a blunt tool. It is set up to shut down the control systems of the 9,000 operating centrifuges used to enrich uranium, causing some to spiral out of control. He also hid his actions, deceiving operators who believe that the equipment is operating normally.

Infecting these computers is a staggering undertaking. According to Symantec, the operation of introducing the virus into the Iranian network would require an old school of theft and unwitting insider support at Iranian facilities, as well as courage and skill.

To begin with, its creators needed to know exactly the configuration of the computers that were used to launch the centrifuges at the Natanz underground uranium enrichment plant. They learned about this from stolen drawings, of course, using a virus. Traces of an early version of Stuxnet were found, which shows that the virus went on reconnaissance in mid-2009, penetrating the network, scanning the system and the detected records.

To check the work of the new virus, its creators had to build a mirror image of the Iranian object, computers and everything that allows them to work and improve. The New York Times reported earlier this year that this phase of testing may have taken place in Israel's Dimona complex, in the Negev desert.

Wherever this happens, a dozen developers could cope with the task, for at least six months, according to Symantec. But even so, only half the work would have been done.

Banks and large corporations in the City of London are more concerned with intellectual property theft, which they believe is a far more pressing issue for the UK economy than Stuxnet's penetration of one of the UK's nuclear power plants. Cabinet doesn't mind, so some politicians are trying to encourage a more holistic approach to cyber security.

But while Britain's industrial cyber security is blossoming, according to GCHQ, the real significance is in the 20% of threats that cannot be closed by conventional means: they are looking for places that could threaten national infrastructure, harming energy companies, the communication systems used by emergency responders.

Some Whitehall officials see weakness Stuxnet in the difficulty of developing such systems. But they also acknowledge that cyber communities are particularly attractive to some states because of the low bar for joining them. Support for cyber activity states is growing and will continue, one official said, because it is comparatively cheaper than the cost of waging war compared to buying ships and fighters. "You don't need a lot of money, you don't need a lot of people," the official said. "You can put two students in a room and give them computers, let them act."

Experts have long concluded that the UK will, and probably should, develop a set of its own cyber weapons, and last year the government hinted that this is now a priority. The Defense and Security Strategy Review said: "Over the past decade, the threat to national security and prosperity from cyber attacks has grown exponentially... We will also continue to develop, test and validate the use of cyber capabilities, as potentially the most effective and affordable way to address national security challenges. "

Today, the ministers openly recognized the need to develop new offensive weapons, the need to answer questions and not only about international agreements and the legal basis for their use. In reality, officials acknowledge that the UK will need to spend money to maintain control of cyber security.

"Cyberspace is no longer just for geeks," said one official. "It's for everyone. The threat is here and now. "

Notes