GCHQ seeks to defend critical national networks from hackers

According to a report in the Daily Telegraph, GCHQ has enlisted the assistance of the Prime Minister in its master plan, which will centre on the agency analysing unusual network traffic and take defensive action if necessary.

"The Prime Minister last month summoned major firms including British Airways, BT and National Grid to Downing Street to discuss the plans, sources said", the paper noted.

The report goes on say that Baroness Pauline Neville-Jones, the UK's security minister, said that a significantly expanded national cyber security hub at GCHQ will analyse streams of data from major communications, power and transport providers for evidence of hacking.

"Currently, a small group, known as the Cyber Security Operations Centre, provides more limited intelligence on online threats to national security", asserted the paper.

Baroness Neville-Jones said the critical infrastructure plan had not yet had 'buy in' from some of the relevant companies.

"What we need is greater situational awareness," she told the paper, adding that the partnership will not break any boundaries that the UK has around privacy and personal data.

"She added GCHQ's new role monitoring private networks would mean the agency is 'embedded' in them, but that firms would link their own systems with those at the cyber security hub in Cheltenham", noted the paper.

Commenting on the plans, Frank Coggrave, general manager EMEA with Guidance Software, said that anything that helps protect against the increased threat to critical infrastructure is a good thing.

But for it to work – and importantly – for it to be accepted, he told Infosecurity, there must be significant processes in place to protect individuals' freedom and privacy.

"A quick first step in protecting critical infrastructure would be an increase in, and more open sharing and communication of threats, whereby security services and commercial organisations keep each other appraised of increasing risks or known threats", he said.

"For the system to work, sensors need to be implanted in the infrastructure networks and one question to ask is 'who owns the sensors?," he added.

Coggrave went on to question whether they are security service or commercially owned.

"There would probably be more acceptance of commercially owned sensors that provide a known and managed feed to the security services, as opposed to the security services having sensors they own and collecting who knows what data", he concluded.

What’s Hot on Infosecurity Magazine?