UK Cyber Security Strategy: One year on, country on track to be Flame-proof

Every year we get fresh reports that the cyber threat the world faces is growing. The same is true in 2012, with security vendors, industry and even the government detecting an exponential growth in the number and complexity of attacks targeting Britain.

The discovery of new sophisticated, potentially state-sponsored, malware like Flame and Gauss is a common element in these warnings, with pretty much everyone citing their existences as proof the cyber threat facing Britain is growing.

Flame was one of several new advanced malware variants discovered targeting Iranian systems this year. The cyber espionage tool was the first malware to successfully be able to replicate Microsoft update certificates, allowing it to spread across Windows systems faster than most other attacks.

The malware's advanced capabilities stirred the security community to action, with Lockheed Martin, RSA, Bluecoat Systems, the Jericho Forum, F-Secure and Microsoft all listing Flame as a game changer in the threat landscape.

A common fear among all the companies was what would happen if a Flame or Stuxnet-level attack was to successfully target a critical infrastructure industry, with many highlighting how such an attack could quite literally make things go nuclear.

For this reason, when the UK government claimed that its year-old Cyber Security Strategy had already taken appropriate measures to protect itself from such malware earlier in December, we were left more than a little sceptical.

This is because, when the UK government and its agencies unveiled the country's new Cyber Security Strategy in November last year, the strategy mainly focused on combating cyber crime, not state-sponsored threats.