UK MI5 and GCHQ getting serious about cyber warfare.where they will inform participating businesses of emerging trends in cyber espionage."From today's FT, FYI,David --David VincenzettiCEOHacking TeamMilan Singapore Washington DCwww.hackingteam.com

March 27, 2013 12:01 am

Services join forces to fight cyber crime

By James Blitz, Defence and Diplomatic Editor

For years, the work of Britain’s security services has been largely concentrated on the threat to the UK from jihadist terrorism. But increasingly, the security chiefs at MI5 and GCHQ are paying attention to another risk: the huge wave of state-sponsored cyber attacks by China and Russia on UK companies.

Such attacks, which are largely aimed at acquiring industrial and commercial secrets, have long been a big challenge to UK industry – but there have been signs of them increasing in scale and sophistication.

Two years ago, BAE Systems Detica, a specialist in cyber security, estimated that UK companies lose some £27bn from cyber crime and cyber espionage each year.

Last June, Sir Jonathan Evans, head of MI5, the security service, said one unnamed UK company had lost £800m in a single act of intellectual property theft.

But while these figures may be alarming, getting the security services and businesses to join forces to set up a defensive strategy has not been easy.

On the one hand, companies that lose valuable intellectual property in a cyber attack are usually reluctant to reveal this to the outside world. They fear that any revelation might trigger embarrassing headlines about lax security and undermine their share price.

At the same time, GCHQ and MI5 have also had reasons for caution. As Nigel Inkster, a leading expert on cyber security at the International Institute for Strategic Studies, puts it: “The government is understandably wary about divulging information to outsiders about cyber threats which has been derived from secret sources and agencies.”

On Wednesday, however, the government and 160 British companies are prepared to take a risk. By setting up a new organisation called the Cyber Security Information Sharing Partnership, they will share information about threats confidentially – allowing all participants to acquire a much richer picture than they currently have of realtime events in cyber space.

GCHQ and MI5 are to set up an operational centre at an undisclosed location in London where they will inform participating businesses of emerging trends in cyber espionage. At the same time, the 160 companies will share information with government and with other participating businesses in the event that they suffer a cyber attack.

Government and business are not rushing into this without a lot of thought. They have run a pilot scheme over the last 15 months which participants say has been successful.

“The really important thing that emerged [from the pilot] is just how important it is for companies to share information among themselves,” says David Garfield, managing director of cyber security at BAE Systems Detica. “Many of these companies are competitors and rivals. They therefore needed government to come in and catalyse this information sharing. They would not have done it themselves.”

Wednesday’s launch is also significant in another respect: It shows that the UK is seeking to bolster cyber security through a system of voluntary disclosure of attacks – rather than requiring companies by law to declare when an attack has happened.

The EU recently unveiled plans to issue a directive that would make it compulsory for companies to disclose when they have been attacked. But UK officials and cyber experts view this move with concern. As Mr Garfield puts it: “The real effect of a system of compulsory disclosure might ultimately be to encourage companies to turn a blind eye to attacks, pretending they have not seen them.”

However, a voluntary system like the one being set up on Wednesday still faces challenges. As one business leader puts it: “It will need a lot of trust to work. If companies participating in this scheme share embarrassing data about cyber attacks with their rivals only to see it leaked to the media, then the whole system is very quickly going to collapse.”

Copyright The Financial Times Limited 2013.