In the recent Autumn statement delivered by the chancellor Philip Hammond it was announced that &1.9bn will be invested to help strengthen UK cyber security and protect the country from hacking and cyber-attacks, both big and small.
Hammond announced “Our new strategy, underpinned by &1.9bn of support over five years and excellent partnerships with industry and academia, will allow us to take even greater steps to defend ourselves in cyber space and to strike back when we are attacked.”
While there have been similar efforts in the past and it could be argued that &1.9bn isn’t enough to cover all issues relating to cyber security, it is still viewed as a vital step in the right direction, as cybercrime becomes more prevalent throughout the world.
This was backed by minister for the Cabinet Office, Ben Gummer who commented on the autumn statement, saying that “The first duty of the government is to keep the nation safe. Any modern state cannot remain secure and prosperous without securing itself in cyber space. That is why we are taking the decisive action needed to protect our country, our economy and our citizens.”
So what type of attacks fall into the cyber-attacks and hacking category? Unfortunately, it’s quite a wide spectrum and quite a lot to consider from a security perspective, ranging from criminal organisations forming attacks on large businesses, to an opportunistic individual hacking the email account of a member of the general public.
In other cases, we also have the type of cybercrime that doesn’t actually require an individual to hack into a system, but instead use tactics such as phishing. This is quite a common practice in which a user will receive a fake email from a seemingly trusted source in an attempt to draw confidential information from them, allowing someone else access to one of their online accounts e.g. PayPal or Apple.
Another form of attack that many businesses may be vulnerable to is distributed denial of service (DDoS). This method of attack uses multiple systems to target a specific website or system with an enormous amount of traffic, in attempt to cause the system to crash and causing a massive disruption and potential harm to the organisation.
The government’s plans to protect the country against such crimes are to be delivered over the course of the next 5 years, with a strategy designed to “defend, deter and develop” UK capabilities. This strategy has a large focus on uniting all of the countries cyber operations under the newly formed National Cyber Security Centre, while raising awareness of vulnerabilities for organisations and members of the public, so that the majority of attacks can be prevented and in some cases countered against.