Phillip Hammond today said that the UK needs to develop cyber weapons in order to respond to nation-state attacks, or risk starting a military conflict.
Speaking at Microsoft's Future Decoded conference in London's ExCel Centre, the UK Chancellor emphasised the need for offensive cyber security capabilities, primarily to respond to cyber attacks by foreign governments.
The comments come ahead of the official announcement of the government's new National Cyber Security Strategy, which is expected to highlight several key national security and defence issues as well as protections for companies and private citizens.
"A small number of hostile foreign actors have developed and deployed offensive cyber capabilities, including destructive ones," he said. "These capabilities threaten the security of the UK's critical national infrastructure and our industrial control systems."
He also warned that without similar offensive technologies, the UK would be forced to either do nothing or to respond with military force in the event of an attack. "That is a choice we do not want to face, and a choice we do not want to leave as a legacy to our successors. That is why we need to develop a fully-functioning, operational cyber counter-attack capability."
Hammond appeared to have a specific foreign power in mind and made reference earlier in his speech to both the TV 5 Monde hack and the BlackEnergy attack on the Ukranian power grid - both of which have been linked to Russian state-sponsored hackers.
According to the chancellor, any future wars will be preceded by a concerted campaign of cyber attacks, designed to assess the nation's strengths and weaken its defences in preparation of a full-scale attack.
The comments were slightly contradictory to the views of Dr Ian Levy, technical director of the National Cyber Security Centre, however. Also speaking at Future Decoded, Levy warned that cyber security needed to be demystified, and accused the industry of stoking unnecessary fears in order to sell "magic amulets".
Hammond is expected to announce the full scope of the National Cyber Security Strategy later today, which is set to introduce measures to improve the nation's security infrastructure and defences, along with the pool of available experts within the workforce.
The investment will partly be used to train and retain security talent. Over 50 security specialists will be hired to the National Crime Agency's cybercrime unit, with a scheme also set up to up-skill "high-aptitude professionals".
The government will establish an innovation fund for security startups too, encouraging the development of new security applications and technologies.
Automatic defence systems have also been set up with the help of private-sector companies, which will help stop malware, phishing campaigns and other security threats before they reach the general public.
"This is a hugely important announcement which makes it clear that cyber security will be at the heart of the UK's industrial strategy," said industry body TechUK. "It is absolutely vital that Britain's businesses are cyber secure."
TechUK CEO Julian David added "Although we have some of the best cyber security capabilities in the world, we cannot be complacent about the evolving cyber threat. This new strategy is a robust and comprehensive response from Government to the growing cyber threats that we face. It is now time for businesses across the country to step up and play their part in keeping their businesses and the UK as a whole secure."
