Prime minister David Cameron has ordered a series of cyber attack exercises to be carried out in every government department in order to test their resilience to hackers.
The PM’s decision was made following a briefing by Cabinet Office minister, Matthew Hancock, in which he warned of the dangers of an attack similar to the one which struck the US Office of Personnel Management (OPM), according to the Sunday Times.
While much of the UK media has been focused of late on the TalkTalk attack, which may in the end have compromised fewer than 160,000 customers, the OPM hack earlier this year was far more damaging.
That attack is thought to have affected over 21 million former and current US government employees including some in highly sensitive roles, as well as some friends and family members.
The worry for the UK government now is that many ministers are not as cyber savvy as they should be, exposing them to potential dangers.
“The prime minister laid down the law and urged every minister to ensure their department was up to speed with data protection, urging them to run test attacks by GCHQ or even outside firms,” an anonymous source told the paper.
Number 10 said it didn’t comment on Cabinet leaks, but maintained that cybersecurity “continues to pose serious challenges to the UK as a whole.”
David Kennerley, threat research manager at Webroot, explained that government computer systems are attractive targets for hackers given the data they store.
“Whilst high-profile attacks like TalkTalk might dominate the news, external threats are only one aspect of any organization’s threat profile. Insider threats and social engineering can equally result in catastrophic data-breaches and deserve just as much attention,” he added.
“Indeed, state-sponsored attacks are a much more serious threat given their increased financial resources. The government needs to adopt a comprehensive approach to both internal and external data-protection. Relying on a strong, external firewall is no longer enough.”
Richard Brown, EMEA director of Channels & Alliances at Arbor Networks, warned that any cybersecurity exercises run by the government should be part of a wider program.
“Any test that focuses organizations on their incident handling processes and communications is a good thing, but it is also important that this sits alongside a proactive security program with people and analytics tools to detect and contain threats quickly—even when they make it past the perimeter defenses,” he added.
“People and process are key in this.”