Yesterday the head of the British Secret Intelligence Service (SIS), better known as MI6, held a public speech – for the first time ever. He was dealing with ethical issues such as torture and secrecy.
I’d like to focus on some other aspects of the speech (full version here) by Sir John Sawers, which have to do with a networked world and future threats. I think these issues, even though depressing, are important if one wants to think about scenarios for the future.
Sawers briefly explained the structure of the security services. The Secret Intelligence Service, MI6, operates abroad, dealing with threats overseas and gathering intelligence mainly from human sources. The security service, MI5, works in the UK, protecting the homeland from terrorist attack and other threats. GCHQ produces intelligence from communications, and takes the lead in the cyber world.
These three specialised services form the UK intelligence community, and operate in a networked world. Technology plays an ever growing part in their work, for SIS as well as GCHQ, and the boundary line between home and abroad is increasingly blurred. So, they’ll have to collaborate more and more – also in order to make savings.
The security services are dealing with more than the classical terrorist attacks:
But our country, our democratic system, will not be brought down by a typical terrorist attack.
The dangers of proliferation of nuclear weapons – and chemical and biological weapons – are more far-reaching. It can alter the whole balance of power in a region.
The impact of cyber attacks can be devastating as well:
Attacks on government information and commercial secrets of our companies are happening all the time. Electricity grids, our banking system, anything controlled by computers, could possibly be vulnerable. For some, cyber is becoming an instrument of policy as much as diplomacy or military force.
A few weeks ago, GCHQ director Iain Lobban said UK’s critical infrastructure – such as power grids and emergency services – faces a “real and credible” threat of cyber attack. The threat posed by terrorists, organised criminals and hostile foreign governments was “real and credible” and he demanded a swifter response to match the speed with which “cyber events” happened, so the BBC reported. Another interesting quote from the BBC coverage:
“Cyberspace is contested every day, every hour, every minute, every second. I can vouch for that from the displays in our own operations centre of minute-by-minute cyber attempts to penetrate systems around the world.”
While 80% of the threat to government systems could be dealt with through good information assurance practice – such as keeping security “patches” up to date – the remaining 20% was more complex and could not simply be solved by building “higher and higher” security walls.
It’s a sobering thought that the same characteristics we usually like so much in cyberspace, such as the blurring of national boundaries and the dazzling speed of innovation and change, are also lethal menaces.