Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Geo Focus: The United Kingdom

UK Ramps Up Capabilities to Deter Nation-State Hackers

Government Announces '@HutEighteen' Information Warfare Network
UK Ramps Up Capabilities to Deter Nation-State Hackers

The U.K. has increased its ability to combat online attacks via the establishment of an information warfare network named @HutEighteen. The move was announced Tuesday by the Defense Academy of the United Kingdom, which provides higher education for personnel in the British armed forces.

See Also: Leveraging Okta's Identity cloud as the first line of defense against fraud, waste and abuse

Per NATO's definition of information warfare, officials say the unit's aim will be "controlling one's own information space, protecting access to one's own information, while acquiring and using the opponent's information, destroying their information systems and disrupting the information flow."

"By innovating and collaborating across sectors and institutions, @HutEighteen has the potential to drive forward our capabilities in information warfare," says Maj. Gen. Andrew Roe, chief executive of the Defense Academy and commandant of the Joint Services Command and Staff College.

The unit will combine practitioners, policymakers and researchers inside the Ministry of Defense and liaise with other government departments, academia, industry and the international community. The government says the unit's wider mission is to connect, inform, support, collaborate and exploit cyber and information advantages, as well as conduct outreach via education, events and experimentation.

'Attitude, Approach, Collaboration'

"How well we perform in information warfare is less likely to be related to our specific equipment, but more towards attitude, approach and collaboration," says Col. Caroline Woodbridge-Lewin, head of the information warfare group at the Defense Academy.

Experts say the initiative should help the government better take the offensive against information warfare attacks targeting Britain, as well as use sanctions to help curtail nation-state cyberattacks. The moves also follow the U.K. standing up a new National Cyber Force.

"This is a great and timely initiative," says Moyn Uddin, head of cyber resilience and privacy at legal practice Cyber Counsel and lead author of the Axelos Resilia guide to cyber resilience. "Information warfare targeting just COVID-19 information has the potential to harm the economy and cost lives. Just imagine if a hostile foreign intelligence service can convince a large portion of U.K. population to be anti-vaccine, or distrust the government through a disinformation campaign. This could have a huge destabilizing effect on the country."

But one legal expert cautions that the government's information warfare network cannot be given free rein. "@HutEighteen's efforts must be proportionate by respecting our freedom of speech and expression," London-based attorney Samantha Simms, who specializes in advising businesses and government institutions about complying with privacy and data security regulations, tells Information Security Media Group.

UK Brings Sanctions to Bear

In addition to deploying the military to counter disinformation campaigns, the U.K. has also stepped up efforts to use courts to sanction individuals and organizations caught breaking the law by engaging in offensive cyberattacks.

On Nov. 24, the U.K. government published a list of financial sanctions targets whose assets will be frozen in response to cyberattacks against EU member countries.

The move complies with EU legislation directing sanctions against multiple state entities accused of launching cyberattacks against countries in the EU and beyond. It specifically accuses two Russian army units, one organization in China and another in North Korea. It also names specific individuals, including six Russian citizens and two Chinese citizens, as being involved in the attacks.

Under the sanctions, financial organizations in the EU and other countries that have agreed to abide by the regulations - including the U.K. - must see if they maintain any accounts or hold any funds or economic resources for the individuals or organizations named and freeze their accounts, unless the U.K.'s Office of Financial Sanctions Implementation, for organizations in Britain, offers an exemption.

Diplomatic Tools

While most nation-state cyber operations are covert, and thus difficult to detect, experts say sanctions provide another tool in governments' diplomatic arsenal to try and set acceptable norms of behavior and punish nations that fail to comply (see: 6 Takeaways: Russian Spies Accused of Destructive Hacking).

"It is yet another tool to fight the good fight," cybersecurity researcher John Walker, a visiting professor at Nottingham Trent University, tells ISMG. But enforcing such sanctions can be problematic. "Possibly where actors are confirmed to be in the pay of the state, maybe the sanctions should be targeted at the local embassy related to the concerned actor."

But some experts say that, while sanctions might look like doing something, their efficacy remains unproven. "I am not completely convinced that even these targeted sanctions will make a dent," Tee Patel, a CISO who serves as a cybersecurity adviser to the U.K. government, tells ISMG. "There needs to be a tougher approach. Banning entire country IP address ranges for a limited period of time has been suggested. It's important that our response matches the attacks in impact."


About the Author

Tony Morbin

Tony Morbin

Executive News Editor, EU

Morbin is a veteran tech journalist, editor and presenter. He covered cybersecurity for the past seven years at SC Media and IT Security Guru. He previously covered banking, fraud, risk, electronic payments, telecoms and broadband issues. He spent seven years as an editor based in the Middle East and worked on ventures covering Hong Kong and Ukraine.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.