The Intelligence and Security Committee (ISC)’s Russia Report is a landmark inquiry into the influence one nation can gain over another government. Its findings will be poured over for weeks and months. Without a doubt, it will instigate new investigations and lines of inquiry about government security not just in the UK, but internationally.
A large portion of the report centers on attempts to influence, mislead, or attack the UK Government through online activity. The ISC confirmed many of the risks that all governments face from foreign adversaries in the cyber space:
“Russia is a highly capable cyber actor, employing organised crime groups to supplement its cyber skills. [It] carries out malicious cyber activity in order to assert itself aggressively - for example, attempting to interfere in other countries’ elections.”
In particular, the report cites instances of Russian groups seeking to influence elections, spread disinformation, and conduct attacks against critical national infrastructure. While the UK is protected from direct attacks against the voting process because it uses a largely paper-based system, the report is very clear that the democratic process could still be undermined through other methods due to the frequency of attacks against the government.
The report commended the UK Government’s “increasingly assertive approach” when it comes to identifying and attributing attacks, which helps the international community to hold offending groups and their nation-backers accountable. Other governments are urged to also call out attackers to show that attacks will receive condemnation of the international community.
Unsurprisingly, as the cyber threat evolves, the mission towards a more secure world
never ends. This report will prompt intelligence agencies around the world to consider the security posture of their own government, and how its citizens could be targeted as well.
Large-scale national protective interventions
One of the main recommendations of the report is to establish a central responsibility for a coordinated response to these threats, rather than a “hot potato” approach with no one government body taking the lead, and where coordination between departments and agencies is confusing.
Intelligence agencies are called upon to take the lead in protecting the democratic process and all government departments are urged to work more cohesively to address this threat. This is aligned with Nominet’s own recommendations for government security - which is for large-scale, national protective interventions, to bring their citizens, businesses and economies a more secure environment.
National protective intervention means security policies, procedures, and technologies coordinated and deployed from the top, across all levels of government. This approach addresses the report’s recommendation for an accountable central body, which would have greater visibility of threats, and more power to mitigate them.
It also allows countries to address the two most important aspects of government security - breadth and depth. The departments, agencies, and committees most at risk of attack have to have in-depth levels of security and procedure to protect the most important assets.
However, by its nature the government is wide reaching - beyond central government and agencies there is local government, schools, healthcare. Therefore, there needs to be a breadth of security across all areas, otherwise weak points can be exploited for influence.
National protective intervention is critical to ensure a high level of security across all departments and to block the bulk of threats facing governments, so that resources can be funneled into protecting against the more sophisticated threats.
We believe that collaboration between government and the cybersecurity industry can achieve the most effective programs to make a difference in the world of cybercrime, securing critical supply chains and industries and creating a more secure ecosystem.
Not only will this facilitate a stronger domestic security posture, but it also facilitates more opportunities for international collaboration, which is another key recommendation from the ISC. The report calls for “international doctrine on the use of Offensive Cyber,” led by the UK alongside its allies, as the traditional Rules of Engagement of warfare and supplanted by activity in the cyber realm.
As the ISC dubs attempted malicious influence by foreign states “the new normal”, it has never been more important for countries to learn from the details of Russia’s attacks against the UK and assess their own cyber capabilities in line with these findings. By adopting strong, national protective measures and working in cooperation with other governments, countries can mitigate the cyber threat against their citizens.