After hackers got into top secret military computer systems, British officials examine their approach to cybersecurity.
by Dara Kerr
The British military’s head of cybersecurity, Jonathan Shaw, admitted that there have been a number of successful attacks into the Ministry of Defense’s computer systems, according to the Guardian.
“The number of serious incidents is quite small, but it is there,” Shaw told the Guardian in a final interview before he retires. “And those are the ones we know about. The likelihood is there are problems in there we don’t know about.”
He wouldn’t say how many attacks there have been, but he did emphasize that it was serious enough to make cybersecurity a top priority for the Ministry of Defense. This is the first time the government agency revealed that its networks have been breached.
Shaw had a few ideas in mind to deal with cybercrime. One was to develop cyberweapons. “One needs to engage in internal defense and be quite aggressive about it,” Shaw said. “And if you are going to maneuver in cyberspace, that is something that obviously involves action across the spectrum.”
Another idea was to listen to “young” people. “My generation…we are far too old for this; it is not what we have grown up with,” he said. “Our natural recourse is to reach for a pen and paper. And although we can set up structures, we really need to be on listening mode for this one.”
A final idea was to be creative and look at what tech companies are doing to combat data breaches. He gave the example of Facebook paying rewards to hackers to find security vulnerabilities on its Web site. Google has a similar typeof program.
“I think it was a surprise to people this year quite how vulnerable we are,” Shaw told the Guardian. The Ministry of Defense wasn’t “doing badly…but we could do a hell of a lot better.”
Hackers have also breached military and police Web sites in the U.S. Over the last year, Anonymous hackers claimed responsibility for attacks on U.S. law enforcement agencies, Vanguard Defense Industries, and private prison companies. In these assaults, the hackers defaced the companies’ Web sites and released documents, e-mails, and other files.