GCHQ's National Cyber Security Centre opens for business following delays

Discussion in 'Current Affairs, News and Analysis' started by Murphy_Slaw, Feb 14, 2017.

Welcome to the Army Rumour Service, ARRSE

The UK's largest and busiest UNofficial military website.

The heart of the site is the forum area, including:

  1. HM opens the new cyber security centre today in London.

    GCHQ's National Cyber Security Centre opens for business following delays | TheINQUIRER

    I'm sure there are a couple of GCHQ bods on this site and maybe they could answer a few questions if not too sensitive.

    Why is it separate from Cheltenham?

    It seems mainly to be for protecting the banking industry. Is that the biggest threat?

    Will it be able to stop Bugsy's mong button thrashing?

    Seriously though. Is cyber security as big a threat as it's made out to be?
    • Excellent Topic Excellent Topic x 4
    • Like Like x 2
    • Funny Funny x 2
  2. The internet of things is probably another thing, the breadth of things available to hack is growing

    Also some cheap devices coming out of China be they IOT, smart phones etc have built in root kits, no doubt for the benefit of the Chinese government but also available for anyone else to exploit and use.

    For data collection, use as a botnet, fraud, espionange and of course as more things become internet enabled so they increase our dependency on something that can be crippled from script kiddies right up to government sponsored black hats

    It's a huge issue, that I hope they are taking seriously
    • Like Like x 3
  3. I'm only going by what I've seen on the media to date but seeing as the UK is heavily reliant on the digital/cyber sector any additional assets to deter and combat the threat is welcomed.

    I should imagine GCHQ would have certainly been involved in the consultation, guidance and advisory element.

    With the relevant budget being allocated to this defence sector the people & Government will ensure we're prepared, 60 attacks per month.

    Cybersecurity: Queen to open centre to protect against attacks
    Cybersecurity: Queen to open centre to protect against attacks - BBC News

    Posted from the ARRSE Mobile app (iOS or Android)
    Last edited: Feb 14, 2017
    • Like Like x 1
  4. 1. I don't know but elements of NCSC (formerly CESG) haven't moved.
    2. UK Government, Critical National Infrastructure and industry/business as a whole.
    3. Probably not.
    4. Yes.

    I hope that helps!
  5. Yes - because its a potentially terrifying means of undermining the fabric of our society without physically destroying it, and if done well, damned hard to point the finger for retaliation.

    Just contemplate how much of your daily life is enabled by the net, and then ask how you'd cope if denied access to it for a week. Then think how our national utilities, infrastructure, power, water etc would cope with the same circumstances.
    • Like Like x 8

  6. I understand that pretty much everything these days is controlled by a computer to a certain degree. However my question was more to do with the fact that the media are making a big deal out of it. It's like there's a Bond villain in China just ready to click on the Enter button and the Western world goes into meltdown.

    The cynic in me just thinks that by placing the centre in London it reinforces the belief that the square mile is the safest place to do financial business. The reality is of course that cyber security could in theory be run from anywhere (apart from my village as the internet is too slow)

    But if it keeps London as the centre of finance, than I'm all for it.
    • Like Like x 2
  7. If only it was a 'Bond' villain, how many hacking attacks have been from disgruntled kids of no ideology other than 'let it burn'. The iOT plus users who either dont understand the very basics of securing devices or why if they dont they are likely to get burnt, is not a good combination.
    • Like Like x 2
  8. Sounds like you could be in the safest place then when the wheel comes off!

    Do you have enough tins of beans stockpiled?

    • Like Like x 3
  9. What the media overlook is that Cyber involves not only the Virtual but also the Physical and Cognitive domains.

    The obvious example is data being transmitted as IP packets - which of course is now usd for telephony. The whole thing is vulnerable of denial of service attacks but also physical attacks against microwave links, fibre optic cables being dug up etc. In the 1991 Gulf war UK/US special forces attacked fibre optics that Saddam used for communicating with his Scuds and other forces, so that his communications would be subject to coalition SIGINT. Likewise one the first British missions of the First World War was the cut the German transatlantic cables.

    Why bother with complex hacks and when denial of service ones will do? If Amazon can have a denial of service attack closing there website by swamping it with requests to connect, what about organisations like MOD or DSTL where the public website is interconnected to an internal intranet?
    • Like Like x 2
  10. I've posted this before but also in the Second too; which had the knock on effect of forcing the Germans onto HF comms for the long-distance stuff, thereby rendering them more vulnerable to interception and recording by the Y Stations followed by the subsequent decryption operation at Bletchley Park.

    Apparently, there was a cable ship belonging to Cable and Wireless pre-positioned off the German coast and as soon as war was declared down went the hook, up came the cables, 'snip' and the rest as they say, is history!
    • Informative Informative x 3
    • Like Like x 1
  11. There was a Green Paper on Information Warfare, from the Maritime Warfare Centre, on the RN website,. However, someone must have realised that it was a bit sensitive and pulled it.

    Some related papers can be found here - from a University of Cambridge lecturer:

    Index of /~rja14/Papers
  12. For a really good insight watch BBC 4 Storyville; Zero Day about Stuxnet (see also wiki)

    In 1994 during Option for Change the Commitments area of the MOD staff were invited to reorganise. The (Navy) 3* DCDS(C) tasked his three 2*s to go away and think about it.

    Come the day and they all sat in DCDS(C)s office (none of this "C" crap in those days. No IT either in MB. Each 2* presented their thought. Two out of three produced predictable responses. The third, one Maj Gen Rupert Smith pulled from his pocket a serviette that he had scribbled on over lunch. He carefully spread it on the table. We need three capability directorates he said. Air land, Maritime, and Space. The word "cyberspace" was not in common use age but Smiths description of the need to be right ahead, in both offensive and defensive terms, of the emerging cyber battlespace was (looking at it now) spot on.

    Needless to say the idea never got off the ground back then. I think we lost a few OF5s instead and binned the typing pool. Oh and formed PJHQ.
    • Informative Informative x 3
  13. Wordsmith

    Wordsmith LE Book Reviewer

    All websites contain some degree of vulnerability. It could be as minor as an error message disclosing the type of software in use. It could be as dumb as making your admin interfaces publicly accessible and communicating with them using clear text. Some vulnerabilities are easy to exploit, some take a major amount of expertise.

    My purely personal guess is that, were there ever to be a major shooting war again, major bits of infrastructure would suddenly come to a grinding halt on both sides of the front line.

    In the meantime state sponsored hacking is a great way of reducing your R & D costs. Sometimes China, Russia, etc., get a bad name because hackers sometimes come their their servers to cover their tracks. And sometimes it's justified.

    Is cyber security a threat? Yep - because there are definite benefits to state sponsored hacking. And for a really clever criminal, its a lot less risky than robbing a bank - you can cover your tracks pretty well on the interweb.

    My personal take - YMMV.

    • Like Like x 1
  14. STUXNET...
    • Informative Informative x 1