UK 'complacent' over military cyber-attack risk, MPs warn

UK forces are at risk of an attack on their information technology because of government complacency, MPs have said.

The Defence Select Committee said the threat that cyber-attackers posed could "evolve at almost unimaginable speed" and called for rapid action to protect national security.

The committee said the British military's reliance on IT could leave it fatally compromised.

The Ministry of Defence said it had a range of contingency plans in place.

The committee's report said the threat could have "serious consequences for the nation's security".

References were made to the "urgent" need for the Ministry of Defence to develop a strategy and contingency plans.

Committee chairman James Arbuthnot described cyberspace as "a complex and rapidly changing environment".

He added: "It is our view that cybersecurity is a sufficiently urgent, significant and complex activity to warrant increased ministerial attention."

The report warned that much more needed to be done to identify the type or extent of cyber-attack that would warrant a military response.

"We are concerned that the then-minister's responses to us betray complacency and a failure to think through some extremely complicated and important issues," the MPs said.

They called on the MoD to make the development of rules of engagement for cyber-operations an urgent priority.

"It is not enough for the armed forces to do their best to prevent an effective attack," they said.

However, Defence Minister Andrew Murrison said the government was investing £650m over four years on the National Cyber Security Programme.

"The UK armed forces and the equipment and assets they use are amongst the world's most modern and advanced, so of course information technology plays a vital role in their operation," he said.

"Far from being complacent, the MoD takes the protection of our systems extremely seriously and has a range of contingency plans in place to defend against increasingly sophisticated attacks although, for reasons of national security, we would not discuss these in detail."

Britain's armed forces are increasingly reliant on information and communications technology.

The committee heard evidence that entire combat units, such as aircraft and warships, could be rendered completely dysfunctional by an attack.

"Should such systems suffer a sustained cyber-attack, their ability to operate could be fatally compromised," the report stated.

The UK Cyber Security Strategy, published in 2011, identified criminals, terrorists, foreign intelligence services, foreign militaries and politically motivated "hacktivists" as potential enemies who might choose to attack vulnerabilities in British cyber-defences.

Shadow defence secretary Jim Murphy described the committee's criticisms as "worrying".

"Vulnerabilities must be tackled urgently and ministers must respond in detail to the demands in this report," he said.