Britain could spend as much as £250 million on an offensive cyber-force composed of around 2,000 personnel to respond effectively to hostile states, domestic cyber gangs and terrorists. The new force will increase the number of available personnel in offensive cyber roles by as much as four times in the coming days.
Sources told The Times that the upcoming cyber-force, the creation of which is yet to be acknowledged by the government, will be composed of experts from the military, security services, and industry and will not only be required to respond effectively to cyber threats from Russia, but also to deter criminal gangs, paedophile rings, and people-traffickers.
The new offensive cyber-force will probably be named “joint cyber-force” by the government following its introduction and will be based either at RAF Wyton in Cambridgeshire or MoD Corsham in Wiltshire. Its creation was inspired by Britain’s successful cyber-offensive against the Islamic State in Iraq and Syria that involved British agencies disrupting cash transfers, disseminating fake news among terrorists, and using malware to block their access to data.
According to The Times, GCHQ and the MoD are presently at loggerheads over the command structure of the offensive cyber-force. As per a Times source, while the military will want it to be a high-level war-fighting force that can do things like counter-missile programmes, politicians will want a tactical force that focuses on combating crime and domestic terror threats.
Britain has the right to respond to cyber threats
Earlier this year, Attorney General Jeremy Wright said that the UK had the right to “name and shame” states that sought to disrupt the UK’s industries by carrying out cyber attacks through proxies or those who sought to manipulate the electoral system to alter the results of elections.
Addressing the foreign affairs think tank at Chatham, Mr. Wright said that a hostile country cannot escape retaliation by hiding behind proxy groups after supporting targeted cyber attacks on the UK’s critical infrastructure firms, adding that such attacks should be treated with as much seriousness as bombing raids.
He added that the use of cyber operations by a hostile state to manipulate the electoral system to alter the results of an election in another state, intervention in the fundamental operation of parliament, or in the stability of our financial system must surely be a breach of the prohibition on intervention in the domestic affairs of states.
“A breach of this principle of non-intervention provides victim states with the ability to take action in response that would otherwise be considered unlawful, but which is permissible if it is aimed at returning relations between a hostile state and the victim state to one of lawfulness and bringing an end to the prior unlawful act,” Mr. Wright added.
Jeremy Fleming, head of the British Government’s Communications Headquarters (GCHQ), also said at the CyberUK18 conference in Manchester Central in April that Britain was capable of carrying out cyber warfare campaigns and had demonstrated it by successfully defeating the Islamic State’s online propaganda efforts.
“These operations have made a significant contribution to coalition efforts to suppress Daesh propaganda, hindered their ability to coordinate attacks, and protected coalition forces on the battlefield.
“In 2017 there were times when Daesh found it almost impossible to spread their hate online, to use their normal channels to spread their rhetoric, or trust their publications. Of course, the job is never done – they will continue to evade and re-invent. But this campaign shows how targeted and effective offensive cyber can be,” he added.