A brief history and overview of Cybersecurity in the UK

Introduction

I enjoy reading and learning about the history of technology along with the way things developed and either become common everyday object or remain stuck on the drawing. This blog post will aim to give an overview of how cybersecurity has developed in the UK and what may happen in the future. In the UK the silicon or semi-conductor industry researched and developed transistors, PCBs and developed microchips. Up and until the late 80s and 90s the UK had a fairly healthy semi-conductor manufacturing industry but due various factors went decline and today the design of chip architecture for example ARM and software replaced manufacturing. Though assembly of components and limited fabrication is still carried out in the UK though it is often overlooked.

• 1988 - The Morris worm — one of the first recognised worms to affect the world's nascent cyber infrastructure — spread around computers largely in the US. The worm used weaknesses in the UNIX system Noun 1 and replicated itself regularly. It slowed down computers to the point of being unusable. 
• Would lead eventually to the establishment of Computer Emergency Response Teams ( CERTs). Cybersecurity tools and practises start as prevent and detect. 

• 1990s - Computer Virus like Melissa and ILOVEYOU infect tens of millions of PCs, causing email systems around the world to fail. This leads to the development of antivirus technology in order to spot the signature of the virus and prevent it from executing. This leads to campaigns to increase awareness of the danger of opening emails from untrusted sources  Though since this basic advice is still being ignored we still have yet to come up with the means to prevent human behaviour from compromising the security of systems. 

• 2006 - NASA was forced to block emails with attachments before space-shuttle launches out of fear they would be hacked.

• 2007 - Estonian government networks were harassed by a DDOS attack by Russia affiliated or government backed groups. While the attacks were not crippling they did disrupt key services for days.  

• First example of a country using cyber-attacks as a political weapon. Russia would use the same tactics in its War with Georgia in 2008 and later against the Ukraine in 2014 when Russia operative fought in Donbass. 

• 2010 - Stuxnet, a complex piece of malware designed to interfere SCADA was discovered in Iran, Indonesia and elsewhere. Designed to cripple the Iranian nuclear program. First known purpose built cyber-weapon. 

• 2017 - WannaCry ransomeware attack affected computer systems worldwide. In the UK the NSH is severely affected.  Evidence points to North Korea as the source if this attack. 

• Shows the danger of failing to upgrade and take adequate measures to protect systems from attack. 

The UK's role in developing and shaping cybersecurity can be traced back to WW2 with the Bletchley Park codebreaking operation. The field of cryptography  cryptanalysis and encryption is an area where the UK has been a leader. With today's GCHQ being a driving force behind by encryption standards from public key encryption to the future quantum safe cryptography. GCHQ has also evolved its role to protect UK infrastructure and systems from cyber-attack along with the means to retaliate to aggression in cyberspace. In supporting cybersecurity in the UK first through CESG which became NCSC the UK aims become proactive instead of reactive when is comes to cyber defence and security through education, policy and encouraging a standards for companies and organisations to adhere to when applying cybersecurity to systems and assets. 

The increased UK security drive outlined in the National Cybersecurity Program emphasised three key objectives:

Defence: To develop multiple layers of defences that significantly reduce the UK’s exposure to cyber attack through making it far more challenging to attack and ensure its networks, data and systems are resilient.

Deter: To instigate robust deterrence measures to increase the cost and reduce the benefits of attacking the UK.

Develop: Drive to expand the cybersecurity industry and cultivate the necessary skills within UK society and industry to ensure it keeps pace with cyber-threats.

The UK government has taken a fairly open and inclusive approach to the issue, building up UK defences in plain sight and pushing wider educational tactics to halt threats rather than retaining all protection and monitoring behind closed doors.

The changing nature of cyber-attacks as seen with the 2016 DDoS attacks against Dyn DNS, the largest DDoS attack in history that disrupted communications across Europe by taking down one of the largest domain name servers, the new breed of cyber attacks can have increasingly damaging and widespread effects. The Dyn DDoS attack hijacked thousands of connected smart devices and the havoc it wrought had those in the security industry asking again how far reaching and destructive to the Internet a single cyber attack could be.

In its effort to combat this growing threat, the UK Government has leaned towards a layering cybersecurity strategy with each added layer of security making a successful attack exponentially harder to achieve. Whether they are coming from organised activist groups, other governments or sets of individuals, with attacks commonly initiated based on a perceived value that can be gained, outweighing a cost to attempt a breach, the more robust layers that are in place, the more attacks become unfeasible.

Also, in the UK there has been as push towards secure by default and design when it come to cybersecurity which has become a possible solution to the growing number of IoT devices and ever increasing number of connected devices. The issues and question how cybersecurity should be implemented by companies  services and individuals has come into fore with the GDPR coming into force along with the EU NIS directive and upcoming ePrivacy Regulations. Finally, one solution the UK government is pushing is cyber insurance to ensure that companies are compliment and maintain some form of cybersecurity implementation. Though it is to early yet to tell whether this approach will be successful. 

When reading up on cybersecurity while we may have got better at protecting systems, devices and information we still have yet to implement a sure-fire way to enforce or encourage good security behaviour of the user. Also, the advice about cybersecurity has barely changed in 20 years. Maybe the language has been updated and new terms introduced as cybersecurity people we are going around in circles. (People will disagree with this view) As often is said in cybersecurity the human is the weakest link. At some point we going have to come up with a way to change that attitude so that the human become the strongest element or link in cybersecurity. Though while I have some ideas about it is not going to be quick easy solution. Since there is no such thing as a silver bullet to problem. To start we need to promote good cybersecurity behaviour and for that to become the norm. How we go about that either through increased education, awareness or some sort of technology based tool will soon need to be discussed.