Infosec 2015: Power, money and propaganda are main aims of cyberattacks, says GCHQ chief
Spook avoids talk of Snooper’s Charter
GCHQ's cyber security chief warned that the nation's businesses are at risk of being attacked by criminals and terrorists whose main motivations are money, power and propaganda.
Giving a keynote speech at the Infosec conference held in London this week, the intelligence agency's Director General for Cyber Security, Ciaran Martin, said that organisations should take their lead from GCHQ and render them as "irrelevant as possible".
He said that in the last 10 years, the security industry has moved from talking about "what might happen" to what is now happening on a daily basis". He told delegates that it had fallen to the agency to be the UK's "top scarer". He explained that the three main motives in cyber-attacks were money, power and propaganda - particularly as intellectual property and corporate reputation gain increasing importance to organisations.
"We're genuinely surprised at the variety of UK organisations that can been subject to intrusion," he said. He urged firms to think about what would make them "attractive as a target" to criminals as a good way of approaching IT security.
Martin said that organisations faced too many incidents to be concerned about "stopping attacks everywhere" and now the main aim in IT security was to protect "what you care about most".
But the UK market, despite increased awareness of attacks, displayed a "relative immaturity of norms and practices", even in supposedly secure institutions, said Martin. He hoped that new GCHQ standards would prevent the sorts of attacks that wiped bank drives in Asia and affected a Saudi Arabian oil firm in 2012.
Martin distanced his agency from the controversial allegations that it conducted mass surveillance of British citizens and said that GCHQ's powers were "strictly circumscribed" and "needed clear justifications as laid down by parliament".
When questioned on the upcoming Investigatory Powers Bill, or 'Snooper's Charter', that the government plans to enact, Martin refused to give an answer but added that the agency's roles only worked "because we have an intelligence capability".
"If we want to protect the UK from the darkest reaches of cyberspace, we have to know how it all works."
The state of Salesforce: Future of business
Three articles that look forward into the changing state of Salesforce and the future of businessFree Download
The mighty struggle to migrate SAP to the cloud may be over
A simplified and unified approach to delivering Enterprise Transformation in the cloudFree Download
The business value of the transformative mainframe
Modernising on the mainframeFree Download
The Total Economic Impact™ Of IBM FlashSystem
Cost savings and business benefits enabled by FlashSystemFree Download