Deputy first minister flags up importance of Scottish cyber resilience
John Swinney tells Holyrood conference that most attackers are ‘exploiting the same basic failings’
Credit: Alistair Kerr/Holyrood
Scottish deputy first minister John Swinney says the threat of a category one cyberattack is one of the few things capable of keeping him awake at night.
Swinney, who has responsibility for Scotland’s cybersecurity, has good reason to be worried, with the head of the UK’s National Cyber Security Centre warning that a major cyberattack on the UK is almost inevitable.
As Ciaran Martin put it last year: “I think it is a matter of when, not if, and we will be fortunate to come to the end of the decade without having to trigger a ‘category one’ attack.”
The threat of such an attack – taken to mean one which causes sustained disruption of essential services or affects national security, leading to severe economic or social consequences or loss of life – is probably somewhere towards the top of the list of things that stop Swinney from sleeping, but the risk of cybercrime is rising across the board.
In fact, according to data presented by Greg Iddon, senior product marketing manager at Sophos, 53% of all reported crime in the UK is cybercrime.
"As attackers find more and more ingenious forms of attack, they are, more often than not, attempting to exploit the same basic failings – poor patching, network configuration, and password management"
John Swinney, deputy first minister of Scotland
There are thought to be around 2.2 billion stolen online passwords in circulation on the internet, globally, while Sophos detects over 500,000 new examples of malware every single day. In fact, according to Iddon, 75% of the malware detected is only found in one organisation, because it was designed specifically for that particular attack.
Meanwhile, the number of devices owned by any individual constantly increases, with each app on each device offering a potential entry-point for criminals, while the technology used for attacks is more sophisticated than it is for defences.
You can see why Swinney worries.
As the deputy FM said in discussing the growth of the digital economy over the last few years: “With new opportunities come new risks and threats, which must be identified, be carefully and effectively managed, to enable us to bear the fruits of the substantial opportunities which arise as a consequence.”
The most significant cyberattack in the UK’s history remains the WannaCry ransomware attack, in May 2017, affecting more than 300,000 computers across more than 150 nations, with American defence officials pointing the blame at North Korea. Despite significant disruption, part of the reason the attack was classified as ‘category two’, rather than ‘category one’, was that there was no loss of life.
Swinney’s responsibility for cyber resilience means maintaining regular dialogue with the National Cyber Security Centre, to prepare for attacks by both hostile states and cyber criminals.
In two years, the centre dealt with over 1,000 national cyber incidents, including 557 in the last 12 months.
Foundations in place
But while concern over the UK’s cybersecurity runs right to the top of government, Swinney was clear that ministers alone cannot deal with the issue, with the Scottish Government’s cyber resilience strategy based on collaboration with partners in the public, private and third sectors.
Addressing the recent Public Sector Cyber Security Scotland conference (pictured above), hosted by PublicTechnology sister publication Holyrood, Swinney said: “As attackers find more and more ingenious forms of attack, they are, more often than not, attempting to exploit the same basic failings – poor patching, network configuration, and password management. By doing these basics properly, most attacks around the public sector can be prevented or mitigated. This is why a good foundation in cyber resilience across all of our public service providers is so important.
“The public sector action plan sets out the key actions that Scottish public bodies should implement to ensure this foundation is in place. They include robust cyber governance arrangements, active cyber threat intelligence sharing, clear cyber incident response protocols, and independent insurance of critical technical controls to defend against the most common cyberattacks.”
Swinney added, in closing: “Do I sleep easy in my bed at night, given the amount of dedication and hard work that has gone on across Scotland in the last year to make us a more cyber-resilient nation? Well, I do feel more assured by what’s been achieved to minimise the risk. I do feel we’re in a better place in terms of building in cyber resilience so we can recover more quickly and more effectively than ever before. But I am absolutely clear that we have not yet reached our destination.”
Department seeks leaders in the areas of digital enablement and cyber risk
Government's new Innovation Strategy set out ambitious proposals to update processes, eliminate ageing kit, and embrace emerging technologies. PublicTechnology caught up with...
After last year’s taskforce report, a full consultation will open shortly
Recently launched National Leadership Centre to create online platform allowing leading officials to seek each other out
Migrating to the cloud or moving to a future network can be a risky business. BT explains how managing applications is important for end user experience, productivity and for understanding and...
BT presents a new eGuide, looking at how to build infrastructure able to support growth both now and into the future
BT spoke with Ovum's Brian Washburn about the network trends taking place in 2019, covering SD-WAN, NFV, hybrid networking and cloud connectivity services
BT walks through how CIOs are riding the wave of new network technology like SD-WAN, NFV, Cloud and Hybrid to shape their network for a digital future