GovWire

Speech: Building partnerships to protect the UK from cyber crime

Home Office

October 30
11:17 2024

class="gem-c-govspeak govuk-govspeak gem-c-govspeak--direction-ltr govuk-!-margin-bottom-0">

Thank you and good morning.

Its a great privilege to be with you at PREDICT 2024 today taking place right in the very heart of Londons thriving knowledge quarter.

Id like at the outset to take this opportunity to thank Recorded Future for your hard work in bringing us together over these 2 days.

Not least because I think that forums like these provide us with a crucial platform to connect, share ideas and to learn from one another.

When our world feels increasingly less certain and increasingly more volatile, it is reassuring to know that last night, as with every night, many of you here today, made it safer.

Across the UK, millions of phones charging next to our beds were patched whilst we were sleeping better protecting our messages, our photos and our personal information, frankly, our entire lives these days from constantly mutating cyber threats.

For ministers like me, there will be 2, maybe even 3, phones next to our beds, but add them to millions more devices and their networks that our world now relies on to function.

The role that the global community of defenders plays in disrupting and defeating cyber-crime is more than just vital its existential.

So, I want to say this morning that this country, our country, is enormously in the debt of many of you in this room who strive, day in, day out to protect us all.

Your work, your dedication and your accomplishments have never been more important.

Yet, it may be the case, that they have never been more taken for granted, because most will only notice, could only ever notice, when things go wrong.

Who knew what Synnovis were and the vital service they provide to the NHS until ransomware criminals struck?

Outside of tech circles, who knew the name Crowdstrike before a wayward patch ground international aviation to a halt?

How many of the millions of Australian or US citizens, who relied on their services, could have identified the logos of Colonial Pipeline or Medibank before they were attacked? So today, I want to focus on this unnoticed and often unappreciated reality.

I want to talk about the need for constant vigilance in defending our digital world and how we can do so better and together.

Now, as Ive already touched upon, our international rules-based system is being severely tested and technological advances continue to evolve at pace.

Advances in technology bring both risks and opportunities for us all.

We have all moved our lives online. In this respect, the UK stands out from other countries in its digital development.

Indeed, it was national news when the card machine stopped working across Greggs stores one morning in March this year. Alongside paying for sausage rolls with our smart watches, there are opportunities to harness technologys vast potential in areas such as healthcare, education and, of course, security.

But we must also address the evolving risks and maintain a posture of constant vigilance, including by keeping up with developments in artificial intelligence, which show unstoppable momentum.

Emerging technologies are changing the nature of diplomacy, trade and competition, driving it online and thus onto our devices and into our pockets.

The much bigger global IT outage in July demonstrated our near universal dependence on technology.

For businesses, physical premises are interchangeable with digital platforms when it comes to delivering services and making money.

Beyond AI, quantum technologies, future, telecoms, connected devices, robotics and drones are rapidly reshaping the landscape.

Put simply, cyber security is national security.

Therefore, cyber incidents such as ransomware attacks, network intrusions for cyber espionage or IP theft have significant and complex consequences.

When organisations are targeted, there can be knock on effects on the UKs economic resilience.

Data is becoming an ever more valuable commodity. Last year, the UK saw over a million reported Computer Misuse Act offences, most of which sort out personal data.

These crimes are estimated to cost the UK economy billions of pounds every year.

When public services or critical national infrastructure are targeted, there are implications for our national security.

Criminals exploit this and are early adopters of the latest technology.

The UK, and the international response must keep pace, and where possible, develop a competitive edge to mitigate these risks.

If misused, artificial intelligence and machine learning can intensify the impact and scale of cyber-crime.

Criminals are offering exploitation kits and hacking as a service, making it systems and data compromise increasingly accessible network attack surfaces and opportunities to target third party suppliers are expanding exponentially.

Unauthorised computer access can lead to a wide range of frauds, theft, extortion, and can also facilitate stalking, domestic abuse and harassment.

These crimes cause significant harm to the UK, destroying businesses and ruining lives.

Thats why the government is reviewing the threats that we face and addressing priority cyber threats like ransomware, which is the most acute cyber threat facing most UK organisations.

Its also why we are making progress on counter ransomware, and the UK continues to lead international efforts, including through the counter ransomware initiative and by sanctioning 36 cyber-criminal actors since 2021, including ransomware actors like Evil Corps, the clue is in the name, LockBit and Trickbot.

This year, the UKs National Crime Agency also led a global effort to disrupt LockBit, the worlds most prolific ransomware group.

Now we are increasingly seeing the impactful effects of combining law enforcement efforts, disruptive operations and interventions like sanctions that de-anonymise, disrupt and deter cyber criminals through a whole government response.

But there is much more that we need to do.

We are considering all options available to us, including reviewing the Computer Misuse Act to strengthen our response to the threat.

But its not only criminals who use cyber to target the UK.

Our intelligence agencies and international partners work around the clock to expose and counter malicious activities that threaten our interests.

As Mi5 Director General Ken McCallum set out earlier this month, autocratic states persist in their efforts to undermine UK security.

States, including Russia and China, are investing in advanced cyber operations, and it is a national security priority to detect, disrupt and deter this activity.

Russia is home to one of the most expansive and destructive cyber-criminal communities in the world, which targets global businesses with ransomware and other forms of cyber-attack for profit.

The Kremlin deliberately turns a blind eye to the activities of many cyber criminals within its jurisdiction, choosing not to prosecute, as long as their crimes serve the regimes interests.

But the Russian state also has extensive cyber capabilities of its own.

The National Cyber Security Centre (NCSC), has confirmed Russian attempts to target key sectors of the British economy, including the UK media, telecommunications, political and democratic institutions and energy infrastructure.

We will not tolerate Russian cyber interference and will continue to work with our international allies to expose Russian cyber aggression and hold the Kremlin to account for its malign activity.

Compared to Russia, China presents a more complex and significant long term cyber challenge, and there have been a number of high-profile China linked cyber-attacks over the past few years, varying in intensity and sophistication.

We will continue to engage with China, and we want to see a constructive debate aimed at making cyberspace a safer place to do business for companies and consumers.

That is why we regularly raise issues with China, and we will keep calling out all state and non-state actors for malicious activity when it is necessary to do so.

For instance, the UK supported by global allies, publicly attributed and sanctioned Chinese state-affiliated actors responsible for malicious cyber campaigns targeting the UK democratic institutions.

Working alongside our Five Eyes partners and others, the UK continues to strengthen our defences, safeguard our institutions and protect sensitive data from these ever-growing threats.

NCSC, combining its cyber expertise with unique intelligence insights, remains decisive in ensuring that the UK stays ahead of these state sponsored threats.

As this year is a year of elections around the world with around 4 billion people going to vote, and we know that malign actors target the freedoms and democratic processes which are integral to our way of life.

Foreign states and domestic actors use disinformation and harmful material online in a bid to undermine our democratic institutions.

The recent general election here in the UK was a prime opportunity for our adversaries to mount a major information attack on the UK in an attempt to affect the outcome.

Government planned for such an incident, but fortunately, this did not happen.

Although attempts at interference do not stop with electoral events, and we are alive to this ever present-threat to our democracy, especially the use of disinformation.

Vigilance and effective cross government working is especially needed as AI technology threatens t

Related Articles

Comments

  1. We don't have any comments for this article yet. Why not join in and start a discussion.

Write a Comment

Your name:
Your email:
Comments:

Post my comment

Recent Comments

Follow Us on Twitter

Share This


Enjoyed this? Why not share it with others if you've found it useful by using one of the tools below: