Opinion

US vs UK: Let the cyber war games begin!

6 min read

19 January 2015

The UK's cyber security sector is worth over £6bn, growing three times as fast as our overall economy and earning £1 in every £5 from the internet. But can the sector truly stand up to the rising threat of advanced hackers? Queue David Cameron, Barack Obama and their new joint effort to combat cyber threats.

Image source

British game Defcon was one of those unique games where thermonuclear war was visually represented as coloured streaks across a world map. Think ‘War Games‘ starring Matthew Broderick, where in the last scene everyone watched in horror as nukes launched across the globe. 

Being the tactical “everyone dies” kind if game, it’s not hard to realise that it’s not everyone’s cup of tea, but did you know that the UK government is no stranger to such games?

In 2014, Cameron, Obama, Angela Merkel (who wasn’t pleased about having to participate) and Xi Jinping, to name a few, played a ‘nukes on the loose’ war game to see whether they were prepared for a terrorist nuclear attack. 

Actors played a series of short films, unfolding the plot of a terrorist attack taking place in an unnamed metropolis. But rather than deciding how to pit their military might against the offender, they were set a series of questions after each film segment, with the clock ticking down and reminding them to make rapid choices on their supplied tablets.

A diplomatic source said: “They had to give an answer on their own, in real time. It was like a test. It put them on the spot. Should they inform the public or keep them in the dark? Should they work with other countries or stand alone to try to thwart or minimise the attack? How should they make the cold calculation of how to get a more sustainable human cost in terms of deaths?”

The NSS said: “This is the first time that an interactive approach of this nature has been taken at such an extensive summit.” And, apparently, the game was supposed to give the congregated leaders a “scared to death” feeling.

If you haven’t experienced any such nuclear-based games, then feast your eyes on IP Viking. Rather than nuclear war, it shows you where cyber attacks are coming from. And, unlike the above mentioned games, it all in real time! 

Here’s an example:

The map is simply astonishing to behold – and slightly unnerving – when activity starts happening. It becomes especially scary when it really puts into perspective how large these attacks truly are.

In fact, earlier this month a GCHQ report pointed out that over 80 per cent of larger companies suffered some form of breach in 2014 – a worrying statistic. This cost businesses a whopping £600,000 to £1.5m.

“This is an evolving threat which poses a real risk to our businesses and that is why we are taking our co-operation with the US to an unprecedented level,” said Cameron.

How does the government plan to save these businesses with the help of the US? Another round of ‘war games’, of course, which will be carried out by GCHQ, MI5, the National Security Agency and the FBI. And this time, it could truly take on the format of Defcon or IP Viking.

A “cyber cell” of agents will be posted on both sides of the Atlantic in order to simulate wide ranging attacks on computer systems in both countries. 

These series of tests will range from transport systems to energy stations, but first off: Wall Street vs London City. More specifically, attacks will be staged on each country’s financial sector.

This comes hand-in-hand with Cambridge University research, which suggested that banks were under-reporting cyber fraud because they didn’t want to scare away customers.  

MI5, GCHQ and the FBI will share intelligence with each other after the game is completed. 

“This will be key in this programme’s success,” said LogRhythm VP Ross Brewer. “While, in the UK, we have seen the Waking Shark exercise and the Bank of England employee ethical hackers to test its infrastructure in recent years, it is only worthwhile if the lessons learned are acted upon and shared with a wider audience. It doesn’t matter which industry you are in, or which country you live, it’s still us against the bad guys.

How will we stand a chance against the US though?

At the beginning of 2014, Vince Cable suggested that more needed to be done to protect the UK from cyber criminals. He even added that banks were particularly vulnerable. 

In fact, BBA and PwC reports pointed out that 93 per cent of larger companies suffered some form of breach in 2014 – a worrying statistic. This cost businesses a whopping £600,000 to £1.5m, according to GCHQ.

That doesn’t sound like we’ll be off to a good start!