The report also questions the military's contingency plans while urging the government to take more action to address the threat.
Ross Brewer, managing director and vice president, international markets, LogRhythm, made the following comments:
For government organisations, the consequences of cyber attacks are not restricted to the loss of sensitive information or financial penalties. With cyber criminals deploying ever more sophisticated tools, the potential for cyber attacks to cause real world damage grows. This is particularly true for UK’s armed forces, which is becoming an increasingly popular target for both independent cyber criminals and those controlled by other governments.
It is unfortunate that most government-led cyber security policies focus on catching and punishing criminals as opposed to preventing computer crime. It’s therefore no surprise that public calls for urgent and more aggressive government action are gathering steam.
LogRhythm’s own research has shown that more than two thirds of the UK public now back pre-emptive cyber strikes on enemy states. Furthermore, 45 percent believe that the UK government needs to step up its protection of national assets and information against cyber security threats, and 43 percent think that the threat of international cyber war and cyber terrorism is something that needs to be taken very seriously now.
However, any pre-emptive strike could incite disturbing consequences such as the execution of even more sophisticated attacks on the UK’s critical infrastructure. Rather than attacking ‘enemy’ networks, the scale and nature of today’s cyber threat calls for proactive, continuous monitoring of IT networks to ensure that even the smallest intrusion or anomaly can be detected before it becomes a bigger problem for all – after all, you can only defend against that which you can see.
The other serious issue when it comes to cyber attacks on the military is that even once a cyber breach has been remediated and any potential damage minimised, there often remains an enormous amount of uncertainty surrounding the origins of the attack. Without confirmation of the source of attacks, inaccurate finger-pointing can and often occurs – and when this happens between nation states, diplomatic tensions can arise. As such, further forensic analysis of the breach is often required, which traditional point security solutions, such as anti-virus or firewall tools, cannot provide.
A holistic IT security strategy focusing on the continuous monitoring of IT networks provides the network visibility and intelligent insight needed for deep forensic analysis. Only with this deep level of network visibility can the UK armed forces ensure cyber attacks are mitigated and accurately attributed to the correct perpetrators.