House of Lords hears evidence on risk of cyberterattacks
The House of Lords hears evidence that the U.K. communication system is vulnerable to cyberattacks; experts advised the Lords that since up to 90 percent of the critical infrastructure on which Europe depends is privately owned and crosses international boundaries, then only co-operative planning between public and private sectors, as well as EU member states, can hope to deal with the risks.
The House of Lords has heard evidence from a number of high-ranking IT experts about the risk of cyberattacks no the IT and communications infrastructure of the United Kingdom, and what might happen if a natural disaster interrupts the internet in a major way.
Infosecurity reports that most tier one ISPs, as well as London Telehouse and MANAP, the U.K.’s two main internet peering points, have contingency plans in the event of disaster. If, however, the communications links between the ISPs and the peering points are downed for any reason, the internet in the United Kingdom could be severely affected.
According to Symantec, one of just two private sector firms advising the Lords on the possible consequences, the main focus of the meeting was to advise the government on the EU’s policy on protecting European governments from large scale cyberattacks against critical infrastructure. Ilias Chantzos, Symantec’s director of government relations for Europe and Asia Pacific, answered questions on whether European governments are right to fear cyberattacks and how they can work together to mitigate the risks they pose.
These high impact, low probability cyberattacks fall under the classification of a “Black Swan” event and would, Infosecurity understands, come under the government’s classified major incident plans, which have several options, depending on the severity of the cyberattacks involved.
Symantec said that, since up to 90 percent of the critical infrastructure on which Europe depends is privately owned and crosses international boundaries, it has advised the government that only co-operative planning between public and private sectors, as well as EU member states, can hope to deal with Black Swan situations.
Amongst other items that Symantec presented to the Lords was the subject of how vulnerable the Internet is to widespread technical failures and how it could be affected by natural disasters. Topics discussed included whether regulatory intervention is unavoidable to ensure the resilience and stability of the Internet, and what this will cost the internet industry.
Symantec said its senior managers also discussed how concerned the government should be about criminally operated botnets and whether the problem can be tackled at the Europe level. Symantec also questioned whether the European Network and Information Security Agency (ENISA) is the right body to develop national Computer Emergency Response Teams (CERTs) within EU member states.