• This is a stand-to for an incoming competition, one of our most expensive yet.
    Later this week we're going to be offering the opportunity to Win £270 Rab Neutrino Pro military down jacket
    Visit the thread at that link above and Watch it to be notified as soon as the competition goes live

GCHQ's National Cyber Security Centre opens for business following delays

#1
HM opens the new cyber security centre today in London.

GCHQ's National Cyber Security Centre opens for business following delays | TheINQUIRER

I'm sure there are a couple of GCHQ bods on this site and maybe they could answer a few questions if not too sensitive.

Why is it separate from Cheltenham?

It seems mainly to be for protecting the banking industry. Is that the biggest threat?

Will it be able to stop Bugsy's mong button thrashing?

Seriously though. Is cyber security as big a threat as it's made out to be?
 
#2
The internet of things is probably another thing, the breadth of things available to hack is growing

Also some cheap devices coming out of China be they IOT, smart phones etc have built in root kits, no doubt for the benefit of the Chinese government but also available for anyone else to exploit and use.

For data collection, use as a botnet, fraud, espionange and of course as more things become internet enabled so they increase our dependency on something that can be crippled from script kiddies right up to government sponsored black hats

It's a huge issue, that I hope they are taking seriously
 
#3
I'm only going by what I've seen on the media to date but seeing as the UK is heavily reliant on the digital/cyber sector any additional assets to deter and combat the threat is welcomed.

I should imagine GCHQ would have certainly been involved in the consultation, guidance and advisory element.

With the relevant budget being allocated to this defence sector the people & Government will ensure we're prepared, 60 attacks per month.

Cybersecurity: Queen to open centre to protect against attacks
Cybersecurity: Queen to open centre to protect against attacks - BBC News


Posted from the ARRSE Mobile app (iOS or Android)
 
Last edited:
#4
HM opens the new cyber security centre today in London.

GCHQ's National Cyber Security Centre opens for business following delays | TheINQUIRER

I'm sure there are a couple of GCHQ bods on this site and maybe they could answer a few questions if not too sensitive.

Why is it separate from Cheltenham?

It seems mainly to be for protecting the banking industry. Is that the biggest threat?

Will it be able to stop Bugsy's mong button thrashing?

Seriously though. Is cyber security as big a threat as it's made out to be?
1. I don't know but elements of NCSC (formerly CESG) haven't moved.
2. UK Government, Critical National Infrastructure and industry/business as a whole.
3. Probably not.
4. Yes.

I hope that helps!
 
#5
Seriously though. Is cyber security as big a threat as it's made out to be?
Yes - because its a potentially terrifying means of undermining the fabric of our society without physically destroying it, and if done well, damned hard to point the finger for retaliation.

Just contemplate how much of your daily life is enabled by the net, and then ask how you'd cope if denied access to it for a week. Then think how our national utilities, infrastructure, power, water etc would cope with the same circumstances.
 
#6
Yes - because its a potentially terrifying means of undermining the fabric of our society without physically destroying it, and if done well, damned hard to point the finger for retaliation.

Just contemplate how much of your daily life is enabled by the net, and then ask how you'd cope if denied access to it for a week. Then think how our national utilities, infrastructure, power, water etc would cope with the same circumstances.

I understand that pretty much everything these days is controlled by a computer to a certain degree. However my question was more to do with the fact that the media are making a big deal out of it. It's like there's a Bond villain in China just ready to click on the Enter button and the Western world goes into meltdown.

The cynic in me just thinks that by placing the centre in London it reinforces the belief that the square mile is the safest place to do financial business. The reality is of course that cyber security could in theory be run from anywhere (apart from my village as the internet is too slow)

But if it keeps London as the centre of finance, than I'm all for it.
 
#7
I understand that pretty much everything these days is controlled by a computer to a certain degree. However my question was more to do with the fact that the media are making a big deal out of it. It's like there's a Bond villain in China just ready to click on the Enter button and the Western world goes into meltdown.
If only it was a 'Bond' villain, how many hacking attacks have been from disgruntled kids of no ideology other than 'let it burn'. The iOT plus users who either dont understand the very basics of securing devices or why if they dont they are likely to get burnt, is not a good combination.
 
#8
(SNIP)

The cynic in me just thinks that by placing the centre in London it reinforces the belief that the square mile is the safest place to do financial business. The reality is of course that cyber security could in theory be run from anywhere (apart from my village as the internet is too slow)

But if it keeps London as the centre of finance, than I'm all for it.
Sounds like you could be in the safest place then when the wheel comes off!

Do you have enough tins of beans stockpiled?

:)
 
#9
What the media overlook is that Cyber involves not only the Virtual but also the Physical and Cognitive domains.

The obvious example is data being transmitted as IP packets - which of course is now usd for telephony. The whole thing is vulnerable of denial of service attacks but also physical attacks against microwave links, fibre optic cables being dug up etc. In the 1991 Gulf war UK/US special forces attacked fibre optics that Saddam used for communicating with his Scuds and other forces, so that his communications would be subject to coalition SIGINT. Likewise one the first British missions of the First World War was the cut the German transatlantic cables.

Why bother with complex hacks and when denial of service ones will do? If Amazon can have a denial of service attack closing there website by swamping it with requests to connect, what about organisations like MOD or DSTL where the public website is interconnected to an internal intranet?
 
#10
What the media overlook is that Cyber involves not only the Virtual but also the Physical and Cognitive domains.

The obvious example is data being transmitted as IP packets - which of course is now usd for telephony. The whole thing is vulnerable of denial of service attacks but also physical attacks against microwave links, fibre optic cables being dug up etc. In the 1991 Gulf war UK/US special forces attacked fibre optics that Saddam used for communicating with his Scuds and other forces, so that his communications would be subject to coalition SIGINT. Likewise one the first British missions of the First World War was the cut the German transatlantic cables.

Why bother with complex hacks and when denial of service ones will do? If Amazon can have a denial of service attack closing there website by swamping it with requests to connect, what about organisations like MOD or DSTL where the public website is interconnected to an internal intranet?
I've posted this before but also in the Second too; which had the knock on effect of forcing the Germans onto HF comms for the long-distance stuff, thereby rendering them more vulnerable to interception and recording by the Y Stations followed by the subsequent decryption operation at Bletchley Park.

Apparently, there was a cable ship belonging to Cable and Wireless pre-positioned off the German coast and as soon as war was declared down went the hook, up came the cables, 'snip' and the rest as they say, is history!
 
#11
There was a Green Paper on Information Warfare, from the Maritime Warfare Centre, on the RN website,. However, someone must have realised that it was a bit sensitive and pulled it.

Some related papers can be found here - from a University of Cambridge lecturer:

Index of /~rja14/Papers
 
#12
For a really good insight watch BBC 4 Storyville; Zero Day about Stuxnet (see also wiki)

In 1994 during Option for Change the Commitments area of the MOD staff were invited to reorganise. The (Navy) 3* DCDS(C) tasked his three 2*s to go away and think about it.

Come the day and they all sat in DCDS(C)s office (none of this "C" crap in those days. No IT either in MB. Each 2* presented their thought. Two out of three produced predictable responses. The third, one Maj Gen Rupert Smith pulled from his pocket a serviette that he had scribbled on over lunch. He carefully spread it on the table. We need three capability directorates he said. Air land, Maritime, and Space. The word "cyberspace" was not in common use age but Smiths description of the need to be right ahead, in both offensive and defensive terms, of the emerging cyber battlespace was (looking at it now) spot on.

Needless to say the idea never got off the ground back then. I think we lost a few OF5s instead and binned the typing pool. Oh and formed PJHQ.
 

Wordsmith

LE
Book Reviewer
#13
Seriously though. Is cyber security as big a threat as it's made out to be?
All websites contain some degree of vulnerability. It could be as minor as an error message disclosing the type of software in use. It could be as dumb as making your admin interfaces publicly accessible and communicating with them using clear text. Some vulnerabilities are easy to exploit, some take a major amount of expertise.

My purely personal guess is that, were there ever to be a major shooting war again, major bits of infrastructure would suddenly come to a grinding halt on both sides of the front line.

In the meantime state sponsored hacking is a great way of reducing your R & D costs. Sometimes China, Russia, etc., get a bad name because hackers sometimes come their their servers to cover their tracks. And sometimes it's justified.

Is cyber security a threat? Yep - because there are definite benefits to state sponsored hacking. And for a really clever criminal, its a lot less risky than robbing a bank - you can cover your tracks pretty well on the interweb.

My personal take - YMMV.

Wordsmith
 
#14
If only it was a 'Bond' villain, how many hacking attacks have been from disgruntled kids of no ideology other than 'let it burn'. The iOT plus users who either dont understand the very basics of securing devices or why if they dont they are likely to get burnt, is not a good combination.
STUXNET...
 
#16
This thread leads me to think that the MoD might not be totally incompetent when it comes to procuring IT. Perhaps JAMES has been deliberately designed to be useless in an attempt to stop potential enemies from seeing how many lightweight field generators we could attack them with........
 
#17
What the media overlook is that Cyber involves not only the Virtual but also the Physical and Cognitive domains.

The obvious example is data being transmitted as IP packets - which of course is now usd for telephony. The whole thing is vulnerable of denial of service attacks but also physical attacks against microwave links, fibre optic cables being dug up etc. In the 1991 Gulf war UK/US special forces attacked fibre optics that Saddam used for communicating with his Scuds and other forces, so that his communications would be subject to coalition SIGINT. Likewise one the first British missions of the First World War was the cut the German transatlantic cables.

Why bother with complex hacks and when denial of service ones will do? If Amazon can have a denial of service attack closing there website by swamping it with requests to connect, what about organisations like MOD or DSTL where the public website is interconnected to an internal intranet?
You have much to learn, young Padawan. The game is considerably more cerebral.

No details, but consider this:

In WW2 the Ultra intelligence product was so secret, and so valuable, that it was frequently and knowingly withheld from operational commanders, even though it may have influenced an operation, lest the cat be let out of the bag that we were reading their "secure" traffic.

That was 70 years ago. Let your imagination run riot with how that may have developed, and you're probably still nowhere near what the cyber spooks get up to. I only have an inkling, due to my previous job, but cutting fibers is the modern equivalent of bombing the shit out of Dresden. There are much more effective ways to wage war than 1000 bomber raids today.
 
#18
Why is it separate from Cheltenham?
It isn't separate.

Why is it separate from Cheltenham?
It isn't separate.

It seems mainly to be for protecting the banking industry. Is that the biggest threat?
No. And it isn't mainly for that. The mission statement envelops the banking industry though.

Seriously though. Is cyber security as big a threat as it's made out to be?
Yes.
 

Latest Threads

Top