U.K. boosts cyber forces amid fears of ISIS cyberattacks on critical infrastructure

The British government is bolstering its cyber army amid fears that ISIS jihadists are electronically targeting the country’s most vulnerable infrastructure.

“We are building our own offensive cyber capabilitya dedicated ability to counter-attack in cyberspace,” George Osborne, the U.K. finance minister, said in a speech at the headquarters of Britain’s spy agency, Government Communications Headquarters (GCHQ). “When we talk about tackling [the Islamic State in Iraq and Syria], that means tackling their cyber threat as well as their guns, bombs, and knives.”

ISIS is emerging as a global player after spending several years seizing territory in the Middle East. The group claimed credit for last week’s bombings and shootings in Paris that killed more than 100 people, and Western governments are now on high alert for other attacks.

“We will defend ourselves. But we will also take the fight to you.”

Osborne claimed that ISIS was trying to strike so-called “critical infrastructure” in the United Kingdom, including hospitals and power plants. He did not offer any evidence of this claim, but he said that GCHQ was tracking threats to nearly 500 energy, communications, and finance companies.

“They have not been able to use [cyberspace] to kill people yet by attacking our infrastructure through [a] cyberattack,” the finance minister told the GCHQ audience. “But we know they want [an offensive cyber capability] and are doing their best to build it.”

Cyberattacks against critical infrastructure are not new, but only a few have produced serious results. The Stuxnet computer virus that struck and disabled nearly one-fifth of Iran’s nuclear centrifuges in 2010 is believed to be the first such attack to cause physical damage. The United States and Israel reportedly co-developed the virus.

The new buildup of U.K. cyber forces will see cybersecurity spending rise to £1.9 billion ($2.9 billion) by 2020. GCHQ, the British equivalent of the U.S. National Security Agency, and the U.K. Defense Ministry will jointly oversee those forces.

The British military formed a Joint Cyber Reserve in September 2013 to augment its computer-security defenses, and the Army established its first cyber unit, the 77th Brigade, in April 2015. Alan Hill, head of information-security operations at the Defense Ministry, said in June that the military was facing increasingly sophisticated cyberattacks. “What the attackers are after has not changed,” he told the Financial Times. “It is the complexity of the attacks [that changes]. It is evolving almost daily, and we have to stay ahead of that game.”

Speaking at GCHQ on Tuesday, Osborne said that the decision to increase cyber spending came before the deadly Paris attacks. It could be motivated in part by the cyberattack that struck British Internet service provider TalkTalk in October. Hackers who breached TalkTalk’s databases stole the records of an estimated 157,000 customers.

“We will defend ourselves,” Osborne said. “But we will also take the fight to you.”

Photo via Rennett Stowe/Flickr (CC BY 2.0) | Remix by Jason Reed

Eric Geller

Eric Geller

Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.