The UK chancellor of the exchequer has spoken out about the rising cyber-capability of "hostile foreign actors" and said the UK needs to enhance its offensive cyber capabilities to combat hackers who may soon target British critical infrastructure including airports and power grids.
"A small number of hostile foreign actors have developed and deployed offensive cyber capabilities, including destructive ones. These capabilities threaten the security of the UK's critical national infrastructure," Philip Hammond MP warned in a speech on 1 November.
He continued: "Increasingly, the systems that underpin our daily lives are connected to the internet – air traffic control, satellites, power grids – as well as the domestic devices in our pockets, our homes and our cars.
"If we do not have the ability to respond in cyberspace to an attack that takes down our power networks leaving us in darkness, or hits our air traffic control system, grounding our planes, we would be left with the impossible choice of turning the other cheek and ignoring the devastating consequences, or resorting to a military response."
The speech, which was made during the launch of the UK's latest National Cybersecurity strategy (2016-2020), elaborated on how the UK government – and British intelligence agencies MI5 and GCHQ – will now develop a "fully functioning and operational cyber counter-attack" capability.
"There is no doubt in my mind that the precursor to any future state-on-state conflict would be a campaign of escalating cyber-attacks, to break down our defences and test our resolve before the first shot is fired," Hammond said, adding: "We will not only defend ourselves in cyberspace; we will strike back in kind when we are attacked."
As previously reported, the latest cybersecurity strategy comes alongside a significant £1.9bn spending boost – which will be used to hire new specialists, invest in the latest cybercrime protection technology and help establish a so-called 'Cybersecurity Research Institute'.
The increased investment comes amid an increase in alleged nation-state hacking. Most recently, a rift has developed between the US and Russia over suspected tampering in the upcoming presidential elections. Furthermore, Kremlin-linked groups are believed to have directly targeted the US Democratic Party.
In his speech, Hammond failed to specifically name any of the "hostile" threats he was referring to – yet the cybersecurity strategy itself names "Russian-language organised criminal groups (OCGs) in Eastern Europe" as a major source of "fraud, theft and extortion" cyberattacks against the UK.
On nation-state activity, the report adds: "We regularly see attempts by states and state-sponsored groups to penetrate UK networks for political, diplomatic, technological, commercial and strategic advantage, with a principal focus on the government, defence, finance, energy and telecommunications sectors."
It claims that – currently – only a handful of countries have the technical ability to pose a serious threat to the UK, yet admits "many other states are developing sophisticated cyber programmes that could pose a threat to UK interests in the near future."