UK needs sanctioned networks 'dedicated to government-only activity' to protect against hackers

Coventry University's Dr Siraj Shaikh tells Computing more needs to be done to protect infrastructure against hackers

Britain should invest in sanctioned, government-only computer networks in order to protect itself against cyber espionage, an expert in cyber security has told Computing.

Dr Siraj Ahmed Shaikh, reader in cyber Security and lead for digital security and forensics (SaFe) research group at Coventry University, made the remarks following the revelation that British government and industry networks are under attack from around 70 cyber espionage operations a month.

"The government has to really move quickly on this and start thinking about sanctioning networks dedicated to government-only activity, possibly air-gapping as much of the valuable information as possible," Dr Shaikh told Computing.

"Moreover, network security monitoring needs to be escalated and some radical cyber defence strategies ought to be conceived to enforce stricter network lock-down policies (in case of certain attacks) to prevent service and data loss."

Dr Shaikh also suggested traditional cyber security systems are failing to protect against the theft of documents as hackers increasingly turn to peer-to-peer networks in order to perpetrate crimes.

"The theft of valuable information such as sensitive data, official documents and protected design is indeed a worry. Targeted attempts to steal information at such scale, also known as exfiltration, is what we are seeing here," he told Computing.

"To address such threats, typical IDS and monitoring systems are failing as attackers make use of peer-to-peer networks to get large chunks of data transferred over the network, and such peer-to-peer traffic is often not distinguishable from other popular peer-to-peer activity such a video,audio and media-sharing and online social network traffic," he said.

Coventry University and Dr Shaikh are attempting to nurture the cyber security experts of the future through the training of ethical hackers equipped with the skills to beat cyber criminals at their own game.