Britain is prepared to retaliate with a nuclear strike if it faces an exceptionally dangerous cyber attack or any other attack leveraging emerging technologies, the government's latest integrated Review of security, defence, development and foreign policy has revealed.
As reported by Guardian, the integrated defense review states that Britain is ready to launch nuclear weapons if it faces an exceptionally dangerous cyber attack or attacks leveraging other “emerging technologies”. This statement marks a significant departure from the existing policy of using submarine-launched Trident missiles. As per the earlier policy, Trident missiles, which are armed with thermonuclear warheads, can only be launched against another nuclear power or in response to a biological or chemical attack.
According to the new defence policy that was unveiled Tuesday, the UK would “reserve the right” to use nuclear weapons in the face of “weapons of mass destruction”, including “emerging technologies that could have a comparable impact” to chemical or biological weapons.
Commenting on the government’s announcement, Natalie Page, threat intelligence analyst at Talion, told Teiss, “This is an extremely alarming claim from the UK government. For cyber warfare to spill over into the real world in such a destructive and dangerous manner, is an ideology that is not only terrifying but as we witness cyber attacks becoming so advanced and widespread, is something which we may see governments across the globe begin to revert to in the imminent future.
"A major concern is exactly how governments will monitor attacks and identified assailants. It is not always clear-cut during nation state attacks who your attacker is. As analysts, we often witness attributed threat groups change during the investigation of an attack, with it sometimes being months before researcher’s are able to indisputably establish a threat group, due to attackers utilising all mechanisms available to obfuscate their true identify. If the government reacts too quickly to these attacks, releasing a nuclear weapon upon an innocent country, the implications could be catastrophic," she added.
Dimitris Strevinas, CTO of Obrela Security Industries, also highlighted the problems that nations face when attributing cyber attacks to specific adversaries. "Attributing cyber-attacks to a specific country or group operating in it, based on the direct origin of the attack may lead to false attributions of responsibility. Cyber attacks are highly decentralised and in most cases, the actors utilize multiple levels of cross-country access to hide their origin, identity and intent," he said.
According to Strevinas, sophisticated hacker groups today follow a chain of command, which crosses country restrictions and may involve multi-national groups with variable levels of knowledge related to the mission objectives. Therefore, pinpointing a particular country as responsible for a cyber attack is problematic.
"As such, engagement of weapons of mass destruction as a response to a low-confidence attribution of responsibility should be carefully re-considered, even if the intent is to demonstrate readiness," he added.
This is not the first time that the government has not ruled out using offensive military capabilities to respond to large scale cyber attacks. In November last year, the government formally announced the setting up of a National Cyber Force that will carry out cyber operations to counter terror plots, support military operations, and disrupt the activities of terrorists and criminals threatening the UK’s national security.
"The National Cyber Force is a joint Defence and GCHQ capability, giving the UK a world-class ability to conduct cyber operations. The NCF is bolstering our global presence in the cyber domain, and it is a clear example of how we are turning our ambitious agenda to modernise defence into a reality," said Defence Secretary Ben Wallace.
NCF is tasked with conducting cyber operations to support diplomatic, economic, political and military capabilities and its range of activities includes preventing terrorists from communicating with each other, helping to prevent the internet from being used as a global platform for serious crimes, including sexual abuse of children and fraud, and keeping UK military aircraft safe from targeting by hostile weapons systems.
In June last year, the Ministry of Defence also launched the first dedicated Cyber Regiment with the responsibility to protect vital defence networks at home and on operations overseas from cyber threats. The 13th Signal Regiment secures digital communications equipment and channels used by the armed forces, but also works with the Royal Navy and Royal Air Force to provide secure networks for all military communications, and provides the basis of the new Army Cyber Information Security Operations Centre.
"This is a step-change in the modernisation of the UK Armed Forces for information warfare. Cyber-attacks are every bit as deadly as those faced on the physical battlefield, so we must prepare to defend ourselves from all those who would do us harm and the 13th Signal Regiment is a vital addition to that defence," said Wallace.