UK government to create cyber security crack squad

The UK government has unveiled the next stage of its Cyber Security Strategy, announcing plans to create a new British Computer Emergency Response Team (CERT) and a Cyber Reserves force.

The plans were announced in a speech by Cabinet Office minister Francis Maude, celebrating the one-year anniversary of the strategy's launch on Monday.

Details of how the Cyber Reserves team will work in practice remain vague and have been described as a work in progress.

"The simple reality is as military doctrine evolves, and cyber systems are playing more of a command and control role than in the past, military skills and education will also evolve," a government source told V3.

The UK CERT is a separate cyber security measure, and will join a growing European network. Prior to the UK announcing plans for its own CERT, the European Commission had revealed similar plans to launch a centralised unit.

These teams work as information sharing centres, monitoring and reporting information about cyber attacks.

Plans to continue the strategy's ongoing investment in UK law enforcement were also announced. The investment will build on the strategy's ongoing plans to create new e-Special Constables, a National Crime Agency (NCA) and National Cyber Crime Unit (NCCU). The new agencies are intended to combat computer crime across the UK.

Maude highlighted the discovery of several new sophisticated, potentially state-sponsored, cyber attacks like Flame and Gauss as evidence of the country's need to continue investing in cyber defence.

"In the last year our understanding of the threat has dramatically improved and it's clear there's no room for complacency. Despite a difficult financial situation we have committed serious funding, £650m to the transformative National Cyber Security Programme to bolster our defences and improve capabilities," said Maude.

Flame was one of several new advanced malware variants discovered targeting Iranian systems this year. The cyber espionage tool was the first malware to successfully be able to replicate Microsoft update certificates, allowing it to spread across Windows systems faster than most other attacks.

The malware's advanced capabilities caused concern across the security industry, leading numerous vendors including F-Secure and Microsoft to cite Flame as a game changer in the threat landscape.

Despite the increase in the complexity of attacks, Maude reiterated senior government officials' previous claims that the UK is already taking appropriate measures to protect itself against the evolving cyber threat.

"We can't stand still. We are in a race to build sufficient cyber defences to match the growing volume and dependence of our online economic, security and social interests. It's a race we can only win by working together - government, industry, academia and the public. This is as much a shared responsibility as a shared effort," he said.

"We've made progress raising awareness but this is only half the story. We will continue to improve education, stimulating cyber skills, support to business and industry, increasing cyber confidence.

"All of this means the UK is in a much stronger position than we were a year ago. But one thing is certain - to succeed going forward we will have to work together, to share our resources, skills and intelligence."

Maude's guarded optimism regarding the UK's cyber future was mirrored by several security vendors and experts including managing director of BAE Systems Detica, Martin Sutherland.

"When we look back in five years' time we will see that the government's strategy has provided a catalyst for a series of innovative and useful activities, particularly around how industry can respond to and protect itself from cyber incidents - most notably the recent Cyber Incident Response Scheme announced by GCHQ," he said.

"Nonetheless, there is still a long way to go before we can say that we are successfully countering cyber threats."

As well as its investment in law enforcement, the UK Cyber Security Strategy has seen several other initiatives implemented.

These include GCHQ's newly released cyber security best practice guidelines for UK industry and the creation of a new Cyber Incident Response disaster management service.