National security at risk through connected IT systems

Elements of national infrastructure continue to be attacked electronically, says government

An arm of GCHQ advises the government on security

The increasing interconnection of government IT systems poses a growing risk to the security of the critical national infrastructure, according to a report from the government.

The Cabinet Office's National Risk Register aims to catalogue any dangers to the UK.

IT systems in government departments, including elements of the national infrastructure, continue to be attacked electronically, according to the report.

"Some of these attacks are well planned and well executed," it says.

The report found that interconnection of systems, while providing "huge benefit in terms of convenience, efficiency and cost saving" also requires " that departments effectively manage the associated risks."

In November last year Jonathan Evans, head of MI5, wrote to a number of UK businesses warning them that elements within China were spying on their networks.

And earlier in 2007, the German and UK media reported that Chinese spyware had been found on respective government systems.

Computing understands that the majority of the attacks on the UK are to obtain information, rather than disrupt systems.

But the potential of this less covert aspect of cyber warfare was revealed in May 2007, when Russian computers unleashed a sustained two week attack on Estonia's critical national infrastructure, disabling operations of the country's two main banks.

CESG, the Information Assurance arm of GCHQ (Government Communications Headquarters), is the main body that helps advise the government on information security risks.