What have bad actors and the 80s got in common with cybersecurity today? (Guest blog by Atos)
“Cybercrime is the greatest threat to every company in the world.”
Ginni Rommety
As I sit down with my favourite coffee, pondering this blog and the key takeaways I would like you, the reader, to come away with, my mind is already made up over the direction I intend to take. As a security professional and technologist, the safe - read hackneyed - approach would be to lead with technological advances, and how great technology is for this country, our citizens, and the human race at large. Indeed, cyber power, which can be defined as ‘society’s organised capability to leverage digital technology for surveillance, exploitation, subversion, and coercion in international conflict’ (thank you Ralph Langner, source Cyber Power - An Emerging Factor in National and International Security), hinges on this.
I could therefore wax lyrical about individual components such as HPC, Quantum Computing, 5G/6G, the Metaverse, and a whole array of differing technologies that clearly all play a part in positioning the UK and its allies as key players in the next generation advancement. But I choose not to as I’d like to leave you with a different picture. ‘Why?’, you may ask?
Having read the National Cyber Strategy 2022 publication, it clearly sets out the role for the UK and its allies over the next decade, and its importance in the cyber landscape, as well as creating a model and approach to support the next generation. This is all admiral and necessary - dealing with technology, as well as understanding the adverse effects from foreign governments, intelligence services, and bad actors against which the country and allies need to defend, to keep citizens safe and the country secure, and ensure UK remains at the forefront as a technological leader.
But technology that is used today comes and goes. It is refreshed, complimented, updated, and replaced many times over in our lifetime. It is never a constant, which citizens no doubt are aware of, but do not necessarily actively or readily accept. Change is the constant. Back in the 1980’s when YouTube did not exist and MTV actually played music videos, I recall the beginning of my IT career where the only way I could access a remote network to do my job, was by connecting a computer via the telephone line, via an acoustic coupler. How times have changed! The equipment that was used then is still available now, albeit it has either been demoted to the back of people’s garages, or to history museums, where people wonder at this old school technology in disbelief, unable to process in their minds how this was once used to access to online services.
Is it really relevant to look at technology from years ago, and what does it have to do with Cyber Power today, as we continue into the 21st century? It has everything to do with it. The bad actors that we hear about today are no different from the bad actors portrayed in the film ‘War Games’. The only difference is that in the 1980’s when Matthew Broderick was in his twenties, the number of people accessing remote networks and using technology, was almost entirely strictly limited to those that worked within the technology space or were fortunate enough to be able to afford the technology at the time. The bad actors then, were simply using the appropriate compromising methods afforded by the technology that was being used at the time.
Cue to today and the technology that is deployed. The number of bad actors, their methods used to compromise technology and their underlying objectives has not really changed. It has simply increased proportionally to the available deployed technology and therefore the increased numbers of possible attack targets (attack surfaces).
In summation, ‘Technology which is more available to people’ multiplied by ‘More people using the technology’ equals a ‘Greater opportunity to compromise’.
We can see from the National Cyber Strategy 2022 publication that it defines a response to the increased threats, by deploying defences against bad actors and the increased activities in this space. The UK Cyber Force in the UK’s response to increased threats by countering the cyber operations of these bad actors. The need for this offensive approach (and defensive approach) in dealing with increased threats, will in turn continually increase over time, as the advancement of the new technologies listed at the beginning of my blog presents an ever-increasing surface to attack.
So, what needs to be done to ensure the advancement and usage of new technology, that will shape the UK and its allies as formidable Cyber Powers, is more secure, safer, reliable and resilient? Collaboration is the key – over the decades, critical industries such as transport, energy, and financial services have built up a wealth of invaluable knowledge and experience, to shape, define, design, and build the technologies that are deployed. Designers of new technologies need to work closely with these industry experts to continue to deliver core technologies that are used by governments, businesses, and citizens today.
So, whether it’s War Games or Tenet, you’ll always have your bad actors and technologies of the day. The focus needs to be on collaboration, incubation labs, innovation hubs, research, and development centres to deliver safer, more reliable, more secure, and ultimately more resilient technologies, that will make the UK the leading force in generations to come.
Help to shape and govern the work of techUK’s Cyber Security Programme
Did you know that nominations are now open* for techUK’s Cyber Management Committee? We’re looking for senior representatives from cyber security companies across the UK to help lead the work of our Cyber Security Programme over the next two years. Find out more and how to nominate yourself/a colleagues here.
*Deadline to submit nomination forms is 17:00 on Tuesday 18 October.
Upcoming events
Get involved
All techUK's work is led by our members - keep in touch or get involved by joining one of the groups below.