The threat of cyber terrorism is not something NATO is too worried about just yet...
Cyber terrorism is not a real threat yet, especially when compared to what nation states can do, according to a NATO official.
Ambassador Gábor Iklódy, assistant secretary general for emerging security challenges at NATO, said the “capability to do harm is still mainly with nation states”, rather than with cyber terrorist factions.
“It’s not there yet with terrorists,” Iklódy added, speaking at the National Security 2012 conference in Westminster yesterday. But he warned it was only “a matter of months or years” until terrorists had the resources to carry out cyber attacks on national infrastructure.
To prepare for the threat, the Hungarian ambassador said more openness around vulnerabilities was needed. “Sharing cyber intelligence seems to be … sensitive and difficult,” he said, adding that private companies had to be drawn into the process.
“We need to get industry and we need to get the knowledge they have,” he added. “If you want to deal with problems resulting from cyber space then we should be able to draw on expertise in industry.”
He said nation states’ capabilities were a concern. It is believed the US and Israel have collaborated on two of the most sophisticated pieces of malware ever created: Flame and Stuxnet.
Balancing security with privacy
Speaking at the same event, James Quinault, director for the Office of Cyber Security & Information Assurance within the Cabinet Office, warned cyber crime was “just too easy to do”, costing the UK billions every year.
Yet Quinault claimed the government was looking to balance security with privacy and freedom of expression, as it wanted to keep the Internet as open as possible. “Rather than assert control over it, we look at how we can let go,” he added. “We don’t want it balkanised into this country’s or that country’s Internet.”
When asked whether the Communications Data Bill, otherwise known as ‘Snooper’s Charter’, would go against the government’s willingness to maintain that balance, he told TechWeekEurope the proposals were just “trying to preserve a set of capabilities in a technological environment”.
The draft bill presented last month proposed that ISPs would store all UK citizens’ communications data, which does not include the content of interactions but who is talking to who, as well as when and where they happened.
Are you a security geek? Try our quiz!