http://news.scotsman.com/uk.cfm?id=305582005
JAMES KIRKUP POLITICAL CORRESPONDENT 22 Mar 2005 INTERNATIONAL terrorists are training to launch cyber-terror attacks on Britain which could cripple vital economic, medical and transport networks, the government's counter-terrorism co-ordinator said yesterday. Sir David Omand said surveillance of suspected al-Qaeda affiliates suggests they are working to use the internet and other electronic communications systems to cause harm. Sir David, a former head of GCHQ and one of the most senior members of the British intelligence community, yesterday appeared at a conference of security experts and business leaders at Chatham House in London to discuss Britain's defences. To illustrate the point that even entirely civilian industries and networks can be vital to national security, the conference was reminded of an MI5 assessment that "Britain is four meals away from anarchy." British security officials are normally extremely reluctant to discuss potential threats even semi-publicly, but the need for increased action from the private sector is driving a newfound openness. Intelligence officials say that no matter how much the state does to prepare for cyber-terrorism, a great deal will rest on the willingness of businesses to "harden" their systems against attack Sir David confessed to his audience that he had doubts about commenting publicly on security threats, not least for fear of sparking undue panic. He insisted that his remarks constituted an attempt to "inform" or to "alert", but stopped short of being a "warning". Britain has not yet experienced genuine acts of cyber-terrorism, but Sir David said intelligence chiefs are in little doubt that the country must be ready for such an attack. While the mandarin did not name al-Qaeda or its affiliates, he left little doubt that the followers of Osama bin Laden are developing their electronic warfare capabilities. "Many of those who have been arrested or about whom we know have a very high level of technological awareness," Sir David said. A combination of the terrorists' increasing technological sophistication and Britain's growing dependence on electronic networks means this is considered "a threat which will rise in silence". Cybernetic attacks can take many forms. At the most basic level, programmers can set computers to bombard websites and email servers with thousands of messages which cause them to jam. More sophisticated and dangerous attacks would entail penetrating an organisation's internal communication and management systems, either distorting messages or blocking them altogether. The most sensitive government systems, such as those used by the military and intelligence services, are entirely closed to the outside world. Instead, the authorities' greatest fears about electronic attacks relate to the more exposed networks that make up what is known as "critical national infrastructure", many of which are in civilian hands. Central and local government systems, financial markets, the National Health Service, the emergency services, transport and energy networks, and even the food and drink industry are all deemed vital to Britain's ability to resist potential attack or, should an attempt succeed, to minimise the harm caused. Yesterday's call for greater resilience away from the "core" targets of central government and financial targets echoes similar assessments in recent weeks. Earlier this year, an authoritative study by St Andrew's University security experts warned that counter-terrorism preparations in areas outwith London need much more work. But Britain is not alone in worrying about non-physical terrorist attacks on infrastructure. US intelligence agencies are known to be particularly concerned that terrorists could combine electronic and physical attacks to devastating effect, for example disrupting emergency service networks at the same time as mounting a bomb attack. And electronic attacks on electricity grids or the floodgates of hydro-electric dams are also under active consideration by US agencies. Other scenarios are less spectacular, but could entail significant economic harm to Britain, even as the result of events far beyond the UK's borders. The global nature of the internet means the threat from cyber-attacks is equally international, forcing British agents to work closely with nations they say they would often regard with suspicion or even hostility. One British counter-terrorism official yesterday raised the prospect of a electronic attack on the Russian gas industry. "Given that Britain is now a net importer of gas and that gas is shipped through pipelines controlled by electronic technology, this sort of thing has to be considered a potential economic threat," the official said. Toby Harris, the former chairman of the Metropolitan Police Authority, told the delegates yesterday that there remains "significant vulnerability in the systems we all rely on." Lord Harris insisted the threat was not exaggerated, citing the example of HM Coastguard, which was last year almost paralysed by a computer virus. "What happens were there to be a serious attack that severely damaged the critical national infrastructure?" he asked, calling for urgent work by public and private sector managers to devise contingency plans. Otherwise, he said, "Britain could be quickly reduced to large-scale disorder, including looting and rioting, in the event of a serious disruption of critical national infrastructure". _________________________________________ Bellua Cyber Security Asia 2005 - http://www.bellua.com/bcs2005