GCHQ, the UK's signal intelligence agency, may get an expanded role in preventing attacks against the networks of key private firms under new government plans.
The Communications-Electronics Security Group (CESG) at the UK's Government Communications Headquarters (GCHQ) has historically only provided best practice guidance and security product certification to the private sector, while taking a more active role in helping government departments defend their networks against cyber attacks.
Security chiefs are now pushing to get an expanded role in "monitoring unusual network traffic" and repelling cyber attacks at critical national infrastructure firms, the Daily Telegraph reports.
Under the plans, an expanded national cyber-security hub at GCHQ would monitor network traffic from "major communications, power and transport providers for evidence of hacking", a big expansion of the current role of the small team at the Cyber Security Operations Centre, which provides online intelligence about threats to national security.
The planned expansion comes against the backdrop of an increased volume of cyber-espionage attacks, such as the attacks in France in the run-up to the G20 conference in Paris and against oil and gas conglomerates, as well as the Stuxnet worm, which is blamed for disrupting the control systems and thereby sabotaging kit at Iranian nuclear processing plants.
The UK government recently named cyber attacks as a Category One threat in its recent Strategic Defence and Security Review, with the Cameron administration pledging £650m over the next four years to boost the UK's cyber-security efforts.
At the same time, resources for policing cyber-crime in the UK – which demonstrably poses a severe and growing economic threat – have been reduced to around £63m.
Government fears, in the UK and elsewhere, centre on concerns that hostile powers might cripple communication or banking systems or disrupt the delivery of utilities.
But many observers, most notably a recent OECD-sponsored study, have criticised such "cyber-war"-related fears as overblown.
The Daily Telegraph reports that the prime minister summoned blue chip firms including British Airways, BT and National Grid to Downing Street to discuss plans to expand GCHQ's role in cyber-defence. Firms such as BT, following its acquisition of security services firm Counterpane, and Symantec have a healthy and growing business selling security monitoring and response services for corporates.
BT, in particular, is likely to oppose any expanded role for GCHQ in the private sector. Security minister Baroness Neville-Jones said the government's critical infrastructure plan had not yet achieved "buy in" from some of the relevant corporations. "What we need is greater situational awareness," she said.
The UK plans are comparable to critical national infrastructure "Perfect Citizen" project conceived by the National Security Agency (NSA), GCHQ’s US counterpart, last year and opposed by critics as a move that would give the signals intelligence agency the ability to spy on private communications. The NSA firmly denied any such intention.
Baroness Neville-Jones offered similar assurances against concerns that GCHQ's plans would carry privacy drawbacks. "What this partnership will not do is start breaking boundaries that we have around privacy and personal data," she said. ®