MoD chief: There is more risk than ever of data being compromised

Captain Simon Wise says the MoD is continually under cyber attack

There is now more risk than ever of data being compromised, and the danger is set to grow, according to the deputy head of service operations at the Ministry of Defence (MoD), captain Simon Wise.

"Our economy and our culture is becoming increasingly digitised and using cyberspace for everyday business. This means that there is a growing amount of information online and therefore there is more of a risk of data being compromised," he said.

To illustrate the severity of the threat, Wise said that the MoD is continually being targeted and had to constantly try to improve its cyber defences.

"We have to constantly watch the type and nature of attacks against us so we can learn from them and better defend [against them] in the future," he said.

He conceded that some of the people behind the attacks may have an edge on the MoD in terms of the technology that they use, but said that the biggest challenge for the MoD is to understand the attackers' motive.

"One of the core challenges for anybody trying to do cyber defence is understanding attribution by asking questions like: where is that attack coming from? What is the purpose of the attack? What is the method of the attack?

"There is a lot said about organised crime on the internet. These attackers use tools and techniques that can be sold and used by anybody for their own purposes. So when we see attacks against us, we have to ask: is it coming from a lone hacker? Is it organised criminals looking for financial gain, or is it a foreign state using an organised criminal gang as a third party?" he said.

Wise said the MoD has taken a range of measures to bolster its digital defences.

"Firstly, our networks are externally accredited and there are a whole host of different mitigation measures in place.

"These include physical security such as controlled access to buildings along with password protection and identification and verification systems to allow initial access. Furthermore, there are network security tools that run in the background such as firewalls, antivirus software and patching to ensure that there are no exploitable features in any of the software that we are using," he said.

In terms of personnel, Wise said that the MoD's global operational security centre is manned at all times throughout the year.

"We have a full watch-keeping team who have got many automatic monitoring tools looking at network traffic. We also have analysts to look at and investigate any live events that we may see on the networks so that we can react swiftly to a malicious attack," he said.