Cyber-crime reports are 'just a snapshot', says GCHQ chief

By Sooraj Shah
17 May 2013 View Comments
Cyber crime key on keyboard

Cyber-crime incidents that are reported by the press are "just a snapshot" of what is actually happening, according to the government spy agency GCHQ's director Sir Iain Lobban.

In an article entitled "Countering the cyber threat to business" in the spring edition of the Institute of Directors Big Policy journal, Lobban said: "Cyberspace is contested every day, every hour, every minute, every second.

Further reading

"From GCHQ's vantage point, we have seen significant disruption to government systems - from malware picked up accidently from the internet but also from deliberate attacks. On average 33,000 malicious emails a month are blocked at the gateway to the Government Secure Intranet - they contain sophisticated malware, often sent by highly capable cyber criminals or by state sponsored groups," he added.

Lobban went on to urge business directors to understand how the cyber threat can affect their organisations, stating that it wasn't just an issue for the defence and security sector but for all firms.

He warned professional services firms' that their proprietary client information is an attractive target, for example.

He went on to say that organisations may not immediately realise that they have been targeted, with data being copied without any sign that it has happened.

"The risk of not acting now is that, by the time you realise your defences have been breached, it will be too late and the damage will have been done," he said.

"As technology becomes ever more affordable and available, it is open to a wide range of threat actors - states, criminals and hackers - to mount attacks which put at risk many millions of pounds of investment on a daily basis. If these attacks are left unchecked, they could have a devastating impact on the future earning potential of companies and the economic well-being of nations," he added.

Lobban also warned that the "Ten Steps To Cyber Security" in the Cyber Security Guidance for Business booklet produced by the Communications Electronics Security Group (CESG), the Department for Business Innovation and Skills (BIS) and the Centre for the Protection of National Infrastructure (CPNI) last year, while still valid, may be becoming outdated.

"What was considered a sophisticated cyber-attack only a year ago might now be incorporated into a downloadable and easy-to-deploy internet application, requiring little or no expertise to use," he warned.

Reader comments
blog comments powered by Disqus
Newsletters
Windows 10 - will you upgrade?

Microsoft has made an early version of Windows 10 - its next operating system - available for download. The OS promises better integration and harmonisation across platforms, including mobile and desktop. Will your business be upgrading?

36 %
31 %
13 %
20 %