A recently released high-level report reveals the UK intelligence services’ assessment of the threat posed by Islamist terrorists in the form of ‘electronic attack’, or what are increasingly referred to as ‘cyber attacks’.
The Intelligence and Security Committee (ISC) is the statutory body with oversight of the Security Service (MI5), Secret Intelligence Service (MI6), and Government Communications Headquarters (GCHQ). Since it was set up in 1994, its remit has expanded to include the Joint Intelligence Committee (JIC), and the Intelligence, Security and Resilience Group (ISRG). Every year, it presents a report to the Prime Minister, which also includes the results of its consultations with other bodies, including the Defence Intelligence Staff (DIS). In short, its job is to tell Number 10 how well the UK’s intelligence agencies are doing, and what problems exist.
The new report [pdf] was presented to the PM on 16 December last year and was eventually published last week [press release, PDF]. The section of interest to us is on page nine:
The Centre for the Protection of National Infrastructure (CPNI) told the Committee:
Electronic attack is also used by Islamist terrorists who have the capability to launch limited forms of attack over the internet. Technical capability varies greatly, and it appears that their intentions are the defacement or denial of service of specific websites. These attempts are often ***. There are, however, indications that awareness and use of electronic attack is on the increase and ***.
Note the redacted sections, which I’ll leave to you to fill as you see fit. It is clear from this document that CPNI regards the two principal vectors of cyber attack to be foreign intelligence services and Islamists. The report notes that GCHQ agrees, and it created something called the Network Defence Intelligence and Security Team (NDIST) in September 2008, to address this issue. This is a group you won’t find on Google, and which I’ve never heard of. How this will play together with the Cyber Security Operations Centre (CSOC), also at GCHQ , and due to become operational at the end of this month, remains to be seen, particularly as the ISC criticises government for not letting it know sooner about the CSOC.
For obvious reasons, the report is short on details, but it does give us a glimpse of how the UK’s intelligence community views the Islamist threat in the specific area of cyber attacks. It’s not talking about propaganda or recruitment, just about attacks on infrastructure and networked assets. To be honest, it’s hardly earth-shattering, and government seems to have a handle on it, even if GCHQ complains about a lack of staff and is running at “about a third below the level planned” in this field. I guess we’ll have to wait until next year to see how things change with respect to this particular confrontation in cyberspace.