MPs say government's cyber-security policy is putting UK in danger

UK MPs have called the government’s cyber-defence strategy into question and warn that IT infrastructure supporting the British armed forces could be exposed by rapidly evolving security threats.

A report from the Defence Select Committee said the military’s reliance on its IT systems is dangerous and raised concerns over an apparent lack of contingency planning should important networks be breached.

Committee chairman James Arbuthnot, who identified Russia and China as leading threats to the UK’s cyber-security, alongside terrorist organisations, crime syndicates and teenage hackers, told the BBC a key problem was that the nation doesn’t have “the non-technical back-up to allow us to conduct Ministry of Defence business if the national infrastructure is somehow compromised.”

Arbuthnot said the government is therefore concentrating on trying to block every kind of cyber-attack from breaching the defences, when “there needs to be more attention paid to resilience and recovery in case something does get through, because just trying to stop something that is developing very fast is not enough.”

But defence minister Andrew Murrison has defended the UK’s cyber-security system, arguing that a reliance on IT is inevitable. "The UK armed forces and the equipment and assets they use are amongst the world's most modern and advanced, so of course information technology plays a vital role in their operation," he said.

Refuting the committee’s concerns, he continued, "Far from being complacent, the MoD takes the protection of our systems extremely seriously and has a range of contingency plans in place to defend against increasingly sophisticated attacks although, for reasons of national security, we would not discuss these in detail."

With cyber-security becoming increasingly prominent on the government's agenda, this week it emerged that the Cabinet Office is set to deliver a wide-scale education programme to teach businesses and the general public about the threat of cybercrime. The project is expected to kick-off this spring.