Hackers have been successful at breaking into the Ministry of Defence’s systems, according to the retiring head of the MoD’s Defence Cyber Operations Group.
The comments from Major General Jonathan Shaw come in the same week that the website of the UK’s Serious Organised Crime Agency (SOCA) was downed by a suspected DDoS (distributed denial of service) attack.
“The number of serious incidents is quite small, but it is there,” Shaw told the Guardian.
“Those are the ones we know about. The likelihood is there are problems in there we don’t know about.”
Shaw declined to provide any more details about the nature of the serious breaches, or about who was responsible for them.
The MoD’s cyber security chief, a veteran of the Falklands and Iraq wars, is due to retire soon. In the interview with the Guardian, he questioned the ability of senior military personnel to lead the fight against cyber attacks.
He claimed that the top military officers had been the “hardest to convince” about the need for cyber defences because they were usually too set in their ways.
“We are the wrong guys to deal with this,” he said.
“My generation...we are far too old for this. It is not what we have grown up with.
“If we want to work the response, if we want to know really what is happening, we really have to listen to the young kids out in the street.”
Shaw admitted that this would be a real challenge for the UK, and urged the “young kids” to talk to the government.
“This thing is moving too fast,” he said.
The government could also learn from private companies, such as Facebook, which run ethical hacking programmes and reward white hat hackers for spotting security holes in the company’s platform, Shaw said.
While he believes that the MoD was not “doing badly” in building its cyber defences, Shaw said that the department “could do a hell of a lot better”.
He revealed that new funding is expected to be earmarked for cyber security in the MoD’s budget next year.
But while building cyber defence capabilities is a priority for the MoD and government, Shaw said that they would not replace conventional defence weapons.
“People have asked me whether cyber weapons will make conventional weapons redundant. Absolutely not.
“A hard bomb is actually quite a good cyber weapon because it can take out a broadcasting station, take out a server,” he said.
Last June, the MoD announced plans to hire 'hundreds' of cyber security experts in order to fully embed cyber capabilities in the UK’s defences.
It followed defence minister Nick Harvey’s acknowledgement that the UK is building a ‘toolbox’ of cyber weapons that will form an “integral part of the country’s armoury”.