The British military could be exposed to cyber attack and a complacent government has failed to take preventative action to protect it. The failings could leave forces dangerously exposed in the event of war.
That is the damning conclusion of MPs on the Defence Select Committee in a new report, Defence and Cyber Security. It warns that the UK's forces have now become so dependent on IT that it represents a huge operational risk factor, which has not been sufficiently taken into account in military planning.
"It is our view that cyber security is a sufficiently urgent, significant and complex activity to warrant increased ministerial attention. The government needs to put in place - as it has not yet done - mechanisms, people, education, skills, thinking and policies which take into account both the opportunities and the vulnerabilities which cyberspace presents," said committee chairman James Arbuthnot MP.
He added that evidence given to the committee by government defence ministers betrayed a dangerous complacency.
The committee heard evidence that entire combat units, such as aircraft and warships, could be rendered completely dysfunctional by an attack. "Should such systems suffer a sustained cyber attack, their ability to operate could be fatally compromised," the report stated.
It added that more work also needed to be done in order to identify the type of cyber attack that might warrant a military response.
However, the Ministry of Defence (MoD) says that it has a range of "contingency plans" in place to meet any risks, and defence minister Andrew Murrison refuted the claims. He said that the government is investing some £650m over four years in its National Cyber Security Programme, which will also protect the British military.
"The UK armed forces and the equipment and assets they use are amongst the world's most modern and advanced, so of course information technology plays a vital role in their operation," Murrison told the BBC.
He added: "Far from being complacent, the MoD takes the protection of our systems extremely seriously and has a range of contingency plans in place to defend against increasingly sophisticated attacks although, for reasons of national security, we would not discuss these in detail."
However, Arbuthnot remained unimpressed: "We have asked the government to set out details of the contingency plans it has in place should such an attack occur. If it has none, it should say so - and urgently create some."
Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes
Focus on cost efficiency, simplicity, performance, scalability and future-readiness when architecting your data protection strategy