The UK's defence secretary Philip Hammond has taken the unusual step of admitting the UK is developing the capabilities to launch offensive cyber attacks.
Defence secretary Philip Hammond has said that the government will begin recruiting hundreds of computer experts as cyber reservists to help "defend the UK's national security, working at the cutting-edge of the nation's cyber defences".
The new recruits will join a newly established Joint Cyber Reserve and will work alongside regular forces to help protect "critical computer networks and safeguard vital data", he explained.
Hammond said: "In response to the growing cyber threat, we are developing a full-spectrum military cyber capability, including a strike capability, to enhance the UK's range of military capabilities. Increasingly, our defence budget is being invested in high-end capabilities such as cyber and intelligence and surveillance assets to ensure we can keep the country safe."
As public awareness of cyber threats grows, governments around the world will need to be seen to be doing something about it, said Dr Jarno Limnell, director of cyber security for Stonesoft, a McAfee Group company.
"With ever-heightened awareness amongst the general public of the threats the UK is beginning to face, not just from other states but also rogue-factions, the development of offensive cyber-weapons will become fiercer and publicly more acceptable," said Limnell.
Threat is real
Hammond revealed that 400,000 advanced malicious cyber threats against the government's systems were blocked in the last year alone. "So the threat is real," he told Conservative party delegates in Manchester.
"But simply building cyber defences is not enough: as in other domains of warfare, we also have to deter. Britain will build a dedicated capability to counterattack in cyberspace and if necessary to strike in cyberspace."
This admission that it is creating a dedicated team of experts to carry out offensive cyber-attacks makes the UK unique as all other major world powers have consistently denied carrying out such attacks.
Some welcomed Hammond's proactive approach. Peter Armstrong, director of cyber security at Thales UK, said: "With the advent of cyber espionage and attacks which threaten national critical infrastructure, the need for a holistic approach to national security is long overdue. It's great to see the Ministry of Defence taking its share of responsibility for this alongside its traditional physical defence remit."
Others however questioned the timing of such an announcement:
"Why make plans for a cyber-strike force public now?" Thomas Rid, reader in the department of war studies at King's College London told the Financial Times. "Such aggressive statements can be counter-productive. Other actors will want to react in kind, making everybody less secure."
Limnell added: "Hammond's revelation should not come as a surprise, nation states worldwide are pouring huge resources into developing a range of defensive, offence and intelligence capabilities. Within the next couple of years the world will experience an increasing number of intentionally executed and demonstrated cyber-attacks resulting in militaristic and economic damage but also loss of civilian life."
While it is widely known that the likes of the US, Russia, China and Israel all carry out these type of cyber-attacks, they have refused to confirm it on the record.
The US is widely known to have collaborated with Israel to develop the highly-complex Stuxnet worm under its top secret Olympic Games programme with the single aim of disrupting Iran's nuclear enrichment programme, but officials have steadfastly refused to say so on the record.
China has similarly been very cautious about admitting it is involved in any form of offensive cyber-attacks against the likes of the US, despite widespread evidence to the contrary. A report by security firm Mandiant identified a small group of hackers based in Shanghai and linked to the Communist Party of China who were active for over seven years, infiltrating 141 organisations around the globe.
Recruiting for the Joint Cyber Reserve will start in October and target three sectors: regular personnel leaving the armed forces, current and former reservists with the necessary skills, and individuals with no previous military experience, but with the technical knowledge, skills, experience and aptitude to work in this highly-specialised area.