In the last couple of years, it seems that governments around the world are just beginning to wake up to the threat posed by cyber attacks, whether they be carried out by individuals intent on causing havoc or state-sponsored groups with more nefarious intentions.
In a speech given in London on Monday, the head of Britain’s MI5 domestic security service painted a rather grim picture of the current state of cyber security, clearly surprised at the growing number of cyber attacks taking place against UK-based institutions and firms.
“The extent of what is going on is astonishing, with industrial-scale processes involving thousands of people lying behind both state-sponsored cyber espionage and organized cyber crime,” MI5 boss Jonathan Evans told the audience.
“What is at stake is not just our government secrets but also the safety and security of our infrastructure, the intellectual property that underpins our future prosperity and….commercially sensitive information,” he said, adding, “Vulnerabilities in the Internet are being exploited aggressively not just by criminals but also by states.”
Evans also commented on businesses caught up in online attacks, singling out one particular UK company that he says suffered at the hands of a foreign state. According to the MI5 boss, the attack cost the firm a whopping £800 million ($1.2 billion) in revenue. “They will not be the only corporate victims,” Evans said.
The results of a survey of UK companies carried out earlier this year appear to share Evans’ somewhat pessimistic take on the current situation, with just over half of those questioned saying they expected to be the victim of some form of a cyber attack within the next six months.
Recently, the so-called Flame malware hit the headlines, with cyber security firm Kapersky Lab describing it as having the potential to be “the most sophisticated cyber weapon yet unleashed.” Last year the Pentagon announced that cyber attacks on US systems, networks or infrastructure can constitute “an act of war”, meaning military force could be used in response to any such attack.
Hopefully it won’t come to that, but Evans’ words clearly indicate the enormity and growing complexity of the task security agencies like his face when it comes to issues of cyber security.