The Ministry of Defence Main Building in London.
Information became public last week about another successful cyber attack. While that has become the norm, what makes this different is that this successful attack hit the UK Ministry of Defence’s Top Secret System.
There are unconfirmed reports that this compromise may have resulted from British military personnel and MoD staff accepted a friend requests from a fraudulent Facebook page/account that had been set up in the name of NATO’s top commander. UK officials have refused to speculate who was responsible for or who was behind this most recent incident. This latest publicly disclosed event took place as efforts are underway while UK officials are reportedly trying to engage with the Chinese Government to construct and agree upon “rules of the road” in cyber space.
Major General Jonathan Shaw publicly stated that the level of cyber attacks were “still on an upward curve” and went on to say that it was likely that some attacks had gone undetected. An upward curve, which is not new given in the current state of cyber defenses and the ever increasing cyber threat environment. He also stated that even though MoD’s budget will experience cuts next year, he believes it will include new money to improve cybersecurity.
Once again it took a compromising event before a fire was ignited under the organization’s current efforts to fortify the network defenses of MoD. This seems to be the norm not the exception! Why is it we have to experience a substantive event before we take action especially when it comes to high value targets like MoD’s classified systems?
Kevin G. Coleman is a long-time security technology executive and former Chief Strategist at Netscape. He is Senior Fellow with the Technolytics Institute where he provides consulting services on strategic technology and security issues. He writes a weekly blog for Breaking Gov on the topic of cyber intelligence.