UK Plans To Invest 5 Billion Pounds In Retaliatory Cyberattacks

The United Kingdom has revealed plans to invest 5 billion pounds ($6.8 billion) in bolstering national cybersecurity that includes creating a "Cyber Force" unit to perform retaliatory attacks. BleepingComputer reports: As the UK's Secretary of State for Defense Ben Wallace points out in an interview with The Telegraph, Britain isn't just looking to strengthen its stance against threats, but also to build up its capacity to launch retaliatory assaults. The UK's goal is to strike back on 'tier one' attacks, targeting crucial sectors of hostile states such as Russia, China, and North Korea. As Wallace points out, Britain will be one of the very few countries in the world that will have the capacity to mount offensive cyber-attacks at such a scale, essentially discouraging any future attempts against them. Typical targets could include electric power stations, telecommunication service providers, and various basic infrastructure entities where any service disruption would result in a large-scale impact and notable adverse economical effects.

As Mr. Wallace revealed, some foreign states are waging cyber warfare on Britain on a daily basis, so responding to this aggressively is within the rights that underpin international laws. One of the examples that the official gave during the interview is dismantling servers that are used for ransomware deployment, spyware, or IoT malware. Creating the National Cyber Force center is meant to help keep things this way, acting as a deterrent for those eyeing Britain as a lucrative target candidate. The new digital warfare center will be based out of Samlesbury, Lancashire and jointly run by the Ministry of Defense and the GCHQ. Wallace states that the new division should be fully operational by 2030, with more details revealed by Boris Johnson, UK's Prime Minister, at the upcoming conference of the Conservative Party in Manchester.

This should go well

[Papaspud]

a little tit-for-tat, some escalation, ]and next thing you know the national power and gas grids get really broke and then the real war starts. Just seems like a bad idea to me, especially as good as they are at actually targeting the right person.

Re:

[N.73SL4]

I don't know. Do countries keep accepting cyber attacks and the financial cost/fallout? The state-sponsored actors carrying out the attacks are acting absolutely aggressively and invite retaliation and aggression in kind. I keep thinking if they were lobbing rockets instead of cyber attacks no way would any nation with a certain level of capability turn a blind eye. They'd respond in-kind or with what they would consider appropriate force.

Re: This should go well

[javaman235]

The question is, who is throwing the rocks? If it is a state, thatâ(TM)s one thing, if criminal group, another. In the second case, a response against hosting state implies a necessity for states to clamp down on their Internets, which for better or worse is where it is all heading. Poorer countries without the resources to do this may be in place where it is better to get citizens off Internet almost entirely in such a scenario. New times coming.

Re:

[Malc]

Take for example China: considering the level of control the Chinese government exerts over the internet, especially over international connections, surely any activity by a criminal gang can be considered sanctioned the government?

Re:

[ShanghaiBill]

The Chinese central government has far less power over the Internet than you realize.

The GFWoC varies widely by location. Strict in Beijing, Lhasa, and Urumqi. Lax in Shenzhen and Guangzhou.

Re:

[AmiMoJo]

The Great Firewall is also mostly automated, using deep packet inspection, and thus relatively easy to circumvent. It also means that nobody is watching it all the time. It's more akin to the Slashdot lameness filter than some kind of 1984-style monitoring system.

Re:

[dowhileor]

The Chinese central government has far less power over the Internet than you realize.

The GFWoC varies widely by location. Strict in Beijing, Lhasa, and Urumqi. Lax in Shenzhen and Guangzhou.

But they still censor everything, log everything else and censor it later. I mean everything... How hard could it possibly be to find that little segment you were not standing on and watching at that moment? Analyze the traffic?

Re:

[ShanghaiBill]

But they still censor everything, log everything else and censor it later.

No, that doesn't happen. The censorship is mostly automated and immediate. It is not even done by the government but outsourced to the tech companies with little incentive to be thorough.

They do not "censor it later" because that would make no sense.

Re:

[bloodhawk]

yes because millions of chinese aren't already bypassing the great firewall /s. That is as dumb as saying if a murder happens in America surely it should be considered government sanctioned as the government has police in every town and state to prevent such a thing.

Re:

[AmiMoJo]

Criminal gangs don't abide by the rules of war. They will take down hospitals and other vital infrastructure if it nets them a few bitcoins.

Retaliating doesn't seem like a good idea when the UK is presumably not intending to murder civilians or leak people's private data.

Re:

[dowhileor]

The question is, who is throwing the rocks? If it is a state,....

It almost always must be, taking the scale of attacks into consideration. You cannot hide it for long because if they can detect attacks form outside the nation they can sure detect attacks leaving their domains. And lately, we are talking about methods that must be detectable and traceable to computer zero eventually because they are so sloppy.

Re:

[bloodhawk]

It isn't about accepting it, it is about responding in an appropriate controlled manner, a cyber attack on critical infrastructure is NOT a controlled manner as so many flow on consequences can happen that are completely out of your control. Its like a child flailing away at another child that upset them, it could cause anything from a Bruise to the death. In this case it could cause thousands of innocents to die and escalate into war.

Re:

[Anonymous Coward]

Only problem is... how do you know that the proper party is being attacked? It is trivial to hide one's attacks behind a victim as a proxy, as there are millions of insecure companies and individuals where their servers, or their cloud accounts can be home to attacks, which can have fake signatures to be from another country.

Re:

[LuckyPee]

Why do you think every major power want to have the nuclear bomb? (hint: because it's a good deterrent not being attacked)

UK has the bomb. They are still being attacked. Did you forget to read the heading or summary? Or do you just not understand what 'retaliatory' means?

Re: This should go well

[Pinky's Brain]

How do you know any real attack isn't a false flag? At some point you just have to go with the evidence you have.

Re:

[gravewax]

No but it is better to not carpet bomb innocent civilians for the crimes of a few individuals. Attacking critical infrastructure is carpet bombing civilians and usually has the added negative of turning the civilian population against you and confirming the rhetoric of the dictators that the west are scum and will indiscriminately kill you to there own political ends. It makes the UK no better than terrorists.

Re:

[nonBORG]

so now you just need to make it look like your target attacked them and you will get a full force retaliation attack against your target.

Re:

[youngone]

I wouldn't worry about it too much. The current government of the UK is the most inept they've had since probably John Major.
The purpose of most of these things is to siphon money from the taxpayers to their friends, this is SOP for the Tories.

If you look into it, they're not announcing any new money, they're just announcing that the centre is going to be next door to a Tory held, but vulnerable electorate. Look! Jobs!
Except nobody with the skills required to help is going to want to move to rural La

Re: This should go well

[JonnyCalcutta]

Not sure why this is modded as troll since most of it is factually correct and not even opinion.

Re:

[youngone]

Probably an American who saw "Conservative" in the comment and thinks that means "Republican".

Re:

[dowhileor]

I guess this will get modded down too...UK was crazy to leave the EU JUST to be able to use terms like "retaliatory", "5 billion", "Cyber",... in the same sentence...

Re:

[arglebargle_xiv]

Naah, this is just bread and circuses to distract from the fact that the UK is running out of meat and petrol.

Re:

[monkeyxpress]

a little tit-for-tat, some escalation, ]and next thing you know the national power and gas grids get really broke and then the real war starts. Just seems like a bad idea to me, especially as good as they are at actually targeting the right person.

Don't worry. Most of the £5 billion will go to McKinsey and Infosys in management consulting fees.

The only thing that Britain's 'enemies' have to fear is that there are more leaks like the Pandora papers which show how they are hiding their vast amounts of ill-gotten wealth among the British aristocracy.

Re: This should go well

[Pinky's Brain]

The alternative is isolation.

Globalisation uber alles means tit for tat cyberwarfare with states which don't respond to diplomacy.

Pick your poison, I'd prefer isolation.

Re:

[Deal In One]

They should have put the 5 billion on bug bounty and software audit. And not let those software covered by the 5 billion bucks to be exported without licence, so that opponents dont get the benefit of all these.

This could end up as the beginning of world war 3.

Wut?

[Srin Tuar]

This sounds incredibly stupid; are they anthropomorphizing the internet to be some kind of alternative meatspace?

"Launching a cyber attack" isnt something that specifically targets a nation state, nor something that specifically comes from one, nor does it in particular cost anything, nor does it specifically have any kind of specific defense or even offense. Well designed infrastructure just isnt vulnerable to attack, period.

Pretty much everything connected to the internet is subject to constant attack, not necessarily from any fault other than its own flaws.

Their money would be better spent eliminating flaws, such as anything built on or with microsoft windows, rather than trying to do a pointless and meaningless "counter attack".

Re:Wut?

[kot-begemot-uk]

It is incredibly stupid on multiple levels.

Prior to launching retaliation you need to know against whom. Looking at the "proof" of "who launched that" presented by UK government over the years it has been anywhere between "wafer thin", "one boy told me, but I will not say his name" and "totally inexistent". You do not start WW3. over that.

UK infrastructure is phenomenally fragile. Even if UK does not get back a salvo of Zircons aimed at key London landmarks, it can be put back into the stone-age by appropriate cyber-retaliation alone.

1. 99% of the key Internet infra is in 4-5 Telehouse and Telecity facilities in London and there is no program to build any resilience. All the money which should have been spent at building it, is spent into feeding internet troll farms trying to mock similar Chinese and Russian programs.

2. A sufficient portion of the electric load in the country is now in households with smart meters most of which have an on/off switch inside which can be controlled remotely. Alternatively, local residential transformer stations are now fully instrumented for remote control (including shutdown and reconnection) as well as connected to the net via mobile. The fact that both are on private networks is irrelevant. If you look up which outsourcer runs these contracts communication-wise you will gulp (I will save this detail, you can Google it). Soviets had the "disintegration of grids by controlled on/off sequence" down to a fine art with all the computations, etc as far back as 80es (I know some of the people who worked on that). If anyone thinks that they have somehow lost it over the years - you are wrong. They have not. And once a grid is down as a grid - it's down. It may take weeks to bring it up fully even if the adversary is not keeping it down using further attacks.

3. Railway signalling was, is and will be in the stone age security-wise. If you have a look at the hiring requirements in that area by National rail, they all specify mandatory "railaway signalling" qualifications. You have to be a guild member which precludes any external security oversight by a proper security professional.

This is just off the top of my head - things I have come across over the years. The list can be continued with 4... 5... 6.... ad naseum.

All in all incredibly stupid idea. Boris Johnson sabre rattling in LoveHoney underwear instead of armour. You can guess what happens next if he actually tries to swing that sabre in anger.

Re:

[mjwx]

This sounds incredibly stupid; are they anthropomorphizing the internet to be some kind of alternative meatspace?

"Launching a cyber attack" isnt something that specifically targets a nation state, nor something that specifically comes from one, nor does it in particular cost anything, nor does it specifically have any kind of specific defense or even offense. Well designed infrastructure just isnt vulnerable to attack, period.

Pretty much everything connected to the internet is subject to constant attack, not necessarily from any fault other than its own flaws.

Their money would be better spent eliminating flaws, such as anything built on or with microsoft windows, rather than trying to do a pointless and meaningless "counter attack".

Don't expect any real weapons/functionality to come of this. This is just the latest brainfart to come out of the beleaguered Johnson government designed to appease the flag-shaggers and try to distract the rest of us from the problems they've created.

For 5B GBP, I don't expect them to even manage to come up with a plan on how to develop a subcommittee to come up with a plan to perform a cyber attack. And yes, this money could be put to so much better use employing more people in the NHS, or building new

So how soon...

[ancientt]

How soon will I read about criminals framing targets to get them hacked hard by the UK Gov.

Desperately need treaties on this

[joe_frisch]

Cyber attacks can do real damage - and one can imagine attacks doing strategic weapon levels of damage by destroying banking systems, sabotaging healthcare etc. Attacks can target strategic nuclear assets - which could be viewed as equivalent to a conventional attempt to destroy a nation's strategic arsenal.

I think we need clearly defined rules before a series of escalating attacks ends in catastrophe .

half full, half empty

[ChrisPa]

The pessimistic will say this will lead to real war. The optimist will hope the escalation leads to treaties that more effectively self-regulate the criminal behavior. Needing to stay off the radar of local law enforcement is a non-trivial limitation. The internet is not the first time in history when criminals of one type or another have crossed borders to reduce their risk. It generally works well for small irritants, but courts war (or a crackdown to avoid war) if the irritation level ramps up. Or some

Re:

[Anonymous Coward]

Treaties are not going to help much. All governments will do is have proxy organizations do the dirty work for them.

Only real defense is to put the vise on companies that make insecure software, and allow them to be criminally and civilly liable, regardless of how their TOS/EULA details is. Until this is done, it is just whack a mole.

Re: half full, half empty

[Pinky's Brain]

Everything is written in C and will be for decades, that's a lost cause.

Re:

[dowhileor]

the point is to regulate ones own behavior before a treaty is needed. if people were worried about war they would not allow such behavior in their domains.

Well... 5 billion pounds buys a LOT of retaliation

[bferrell]

That in turn will need at least an equal response, if not more.

Would. you. like. to. play. a. game?
Strange game Dr Faulken.
It seems the only way to win is to not play.

Re:

[Coisiche]

Well, that might be the case if the 5 billion was actually spent on retaliatory action.

But nobody needs to worry about this.

Based on the previous situations where this government has "splashed the cash", that 5 billion is going to go to friends and family of Conservative MPs who will be barely capable of switching on a computer let alone mounting any kind of cyber offensive.

More like 4.9 Billion

[Canberra1]

More like spend 4.9 billion more in spying and raping data and undermining citizens privacy of the UK, and 0.1 billion in PR releases. Take CERT. How many defects have been put forward by .uk. Not enough. And if this was a 'war' then CERT would be flooded with UK discovered CVE's.

Geneva convention

[petes_PoV]

Typical targets could include electric power stations, telecommunication service providers, and various basic infrastructure entities

I was under the impression that International Humanitarian Law prohibited targeting civilians, non-combatants and vital services.

So by doing this, the UK leaves itself open to reprisals against its own infrastructure. Glass houses and stones, anyone?

Re:

[excelsior_gr]

If no war is declared, the Geneva Convention does not apply. In a war, if the combatants are not identified as such (e.g. no insignia), the Geneva Convention does not apply. If the war is against "terrorism", anyone that might be harbouring hostiles is not protected by the Geneva Convention. Even under the protection of the Geneva Convention, the concept of collateral damage still leaves quite a bit of wiggle room. Enter solemn politician expressing "regrets" and sending "thoughts and prayers".

The Geneva Co

should be fully operational by 2030

[bsdetector101]

lol 9 years of no defense then ?

cause arms races are such a smart move

[bloodhawk]

Typical targets could include electric power stations, telecommunication service providers, and various basic infrastructure entities where any service disruption would result in a large-scale impact

yes like deaths of many innocent people, really this makes the UK no better than those it is attacking. seems that would be the equivalent of an act of war and deservedly so.

Cyber BS ..

[takionya]

But I too would type any ole BS for 5 billion pounds ($6.8 billion) :]

*Amazingly* retarded.

[BAReFO0t]

Reminds me of that graffiti

We kill people
who kill people
because killing people is wrong.

Why, in the fucking 21st century, are people out there that are still so *retarded*??

Is it fucking wrong to hack others and destroy their shit or is it not? CHOOSE *ONE* OF THEM!

If you doing what you call wrong, you call yourself wrong, and must now destroy yourself too. And if you don't get that, and hence disagree, you are literally medically retarded and need a legal guardian to even be allowed to leave the nuthouse.

W

5B ?

[hebertrich]

kind of tired of .. soft .. retaliatory techniques .. how about 5 B in axes , explosives , and cutters and simply cut off the cables of offending countries ? .. Russia ? problem solved .. what they can still go at it ? satellite you say ? where's the dish ? softer methods don't work .. just cut the offenders links to the internet and if they ever start to police their own .. well .. maybe they can join again. Im tired of countries going soft over giant state sponsored players. just .. cut em off.

retaliate in meatspace

[SirLanse]

Hire Blackwater or other transnational organization to hunt down and defenstrate a few cyber criminals. Kill a few and word will spread.

Re:

[AxeTheMax]

I think the general tenor of most comments above is that it would be like hiring that same Blackwater - https://www.brookings.edu/arti... [brookings.edu] , and I'd agree. I'm guessing you see them as competent and heroic.

How stupid can you be?

[gweihir]

Attribution is unsolved. Hence any "retaliation" will likely hit the wrong targets. But the cave-men apparently cannot live without applying violence to _somebody_.