Cyber warfare attacks on UK armed forces would be threat to nation's security

The UK armed forces may not be able to function effectively in the event of a sustained cyber attack, a committee of MPs has warned.

Evidence presented to the Defence Select Committee (DSC) during an investigation into the UK's cyber warfare defences has left it deeply concerned. It concluded that the armed forces are now so reliant on communication and information systems that, if these were crippled during an attack, the military's ability to operate "could be fatally compromised". It said the Government needed to do more to protect the nation.

Read more: Security news | Malware news

In its report, the DSC said the evidence presented to it by the Ministry of Defence led it to conclude that contingency plans were not far enough advanced.

"The cyber threat...has the capacity to evolve with almost unimaginable speed and with serious consequences for the nation's security. The Government needs to put in place – as it has not yet done – mechanisms, people, education, skills, thinking and policies that take into account both the opportunities and the vulnerabilities that cyberspace presents.

"It is time the Government approached this subject with vigour," the MPs said.

There have already been a number of low-level attacks against armed forces websites. Attacks like that of the Stuxnet virus shows how dangerous these attacks can be.

But the Ministry of Defence said it was taking the threat seriously and it had not detailed plans for obvious reasons of national security.

Defence Minister Andrew Murrison pointed out that £650m had been allocated to invest in the National Cyber Security Programme, which launched in November 2011, adding: "The UK armed forces and the equipment and assets they use are among the world's most modern and advanced, so of course information technology plays a vital role in their operation.

"Far from being complacent, the MoD takes the protection of our systems extremely seriously and has a range of contingency plans in place to defend against increasingly sophisticated attacks although, for reasons of national security, we would not discuss these in detail. The level of Government funding to tackle this threat underlines the importance we attach to these issues."

Major General Jonathan Shaw, formerly head of cyber security at the Ministry of Defence, agreed that the UK was "extremely vulnerable" to cyber attacks by criminals and terrorists.

But on the BBC Radio 4 Today programme, he said a defence against these attacks was a matter for everyone, not just the Government. Individual members of the public have a "special responsibility" to improve their "cyber hygiene", as personal computers are most vulnerable to attack, he pointed out.