The UK has vowed to be one of “the world’s leading democratic cyber powers” in a landmark Integrated Review of Security, Defence, Development and Foreign Policy published Tuesday, March 16.
The review comes as the government has pledged an additional £24 billion in defence spending which will be “focused on mastering the emerging technologies that are transforming warfare”, as PM Boris Johnson put it.
The UK is the “third most powerful cyber nation in the world, ranking top in defence, intelligence, norms and offensive capabilities [and with a] UK cyber network [that] covers 122 countries across 6 continents”, the review says, mentioning “cyber” 156 times and pledging more robust engagement in the cyber operational domain.
UK offensive cyber capabilities to be used to “detect, disrupt and deter”
The Integrated Review also promises to “make much more integrated, creative and routine use of the UK’s full spectrum of levers – including the National Cyber Force’s offensive cyber tools – to detect, disrupt and deter our adversaries.” (The NCF is a joint GCHQ/MOD partnership announced in November 2020. The UK will continue to declare offensive cyber capabilities to NATO allies under its Article 5 commitment,it added.)
The decision comes amid an increasingly fluid and fragmented geopolitical and security environment. As the Strategic Review notes: “Competition will continue within the conventional military domains of land, sea and air, and will grow in other spheres, including technology, cyberspace and space, further shaping the wider geopolitical environment. Systemic competition will further test the line between peace and war, as malign actors use a wider range of tools – such as economic statecraft, cyber-attacks, disinformation and proxies – to achieve their objectives without open confrontation or conflict.
“The UK is likely to remain a priority target for such threats.”
Writing shortly before its launch, Dr Simon Mehdian-Staffell, as associate fellow at RUSI and UK Government Affairs Manager at Microsoft noted: “The future of national security and defence will increasingly be focused on the information domain. The armed forces will, for example, increasingly train in synthetic environments and defence and security personnel will continue to need ever more sophisticated methods, and ever more computing power, to make sense of the vast amounts of data that are features of the world they operate in. Ideally, they will want to exploit data in ways that get ahead of adversaries and create operational advantages.”
He added: “But this is a competitive landscape.
“Getting UK defence and national security fit for this challenge will require nothing short of a revolution. To be clear, this is not an argument that the conventional domains of warfare have gone away, or that old capabilities will no longer be required. But the tired false dichotomy of aircraft carriers or data centres risks creating a diversion, while technology and data continue to transform every aspect of our lives, and therefore the context for defence and national security. Aircraft carriers themselves operate in the world of information advantage.”
Dr Jamie Collier, Intelligence Analyst at Mandiant Threat Intelligence added: “The review has correctly identified that cyberspace is an increasingly contested domain. While the National Cyber Force signals a greater willingness to engage, it is encouraging that the language demonstrates there is still a focus on remaining a responsible player. This is therefore not a complete overhaul of the current playbook but the National Cyber Force responds to a threat landscape that is growing in complexity for at least three reasons.
“Beyond the big four of Russia, China, Iran, and North Korea, other states are now developing cyber capabilities. Vietnam is one example of a country that has quickly ramped up its ability to conduct cyber operations. The UK must therefore plan ahead and anticipate the growing threat posed by emerging players.
Collier added: “Second, cybercriminals are becoming increasingly professionalised and sophisticated. This is showcased by the growing scourge of ransomware operations – where data is encrypted and rendered unusable unless an extortion fee is paid. The issue has quickly moved from something of a nuisance to a matter of national security. This has been showcased over the past year by the prominence of ransomware operations targeting critical infrastructure and the healthcare sector amidst a global pandemic.
“Third, the UK must counter growing levels of online disinformation. These operations are now conducted by a variety of countries beyond Russia. Here, the link between disinformation and cyber security is increasingly blurry. For instance, disinformation operators are known to first steal sensitive documents before leaking them at a time intended to cause maximum disruption. These campaigns will also often seek to compromise and then use government social media accounts or websites as a platform to distribute their message.”