Using the 3 July National Security 2012 conference as a platform, Counter-Terrorism department director Richard Clarke likened the potential disruption from cyber-attacks to the sort of physical threats that might have concerned security chiefs at past games.
“The current threat level is at substantial and we recognise threat levels may change rapidly,” Clarke was quoted as saying.
“With the scope to move to highest level of critical we will adapt to respond to changes and challenges. We remain vigilant against cyber issues in our preparation for Olympics. London 2012 is the biggest peace time security endevour in the last 20 years. People are starting to realise the sheer scale and I think it’s staggering to see the amount of work that has been done,” he added.
That Clarke mentioned cyber-terrorism and cyber-hacking disruption in a speech so close to a huge public event was only to be expected, but nobody could accuse the UK Government of failing to remind people of the issue.
There have been numerous such statements, including Foreign Secretary William Hague’s warning on targeted attacks against the country in February 2011, which echoed several by senior politicians and officials going back to 2008.
The alerts state the obvious perhaps but are not totally without foundation in concrete terms as an attack on the BBC (seen in some foreign states as being an arm of government) earlier this year underlined.
In April, PwC warned that large organisations in the UK were being hit by an average of 54 cyberattacks per annum.
Confusingly, only a day before Clarke’s presentation, James Quinault of the UK Cabinet Office went on the record as saying he believed that many cyberattacks could be prevented using simple security measures.
“By suggesting that the majority of attacks can be defeated simply by changing passwords or being careful about what information is shared online points to a severe lack of understanding of how the current security landscape is manifesting,” responded Ross Brewer of security firm, LogRhythm.
The dichotomy spotted by the critics points to the protection afforded government infrastructure and the lack of similar protection for ordinary consumers, the target of Brewer’s prompt. None of this is new of course.
“You only have to read the constant stream of headlines to see that our established reliance on anti-virus, firewalls and other perimeter-based defences are proving time and time again to be woefully ineffective at mitigating the advanced threats that we are seeing today,” chimed Paul Davis of FireEye.
The fact that the country’s critical infrastructure might be assaulted using bots that have recruited compromised consumer systems inside the UK remains an unresolved wrinkle in national cybersecurity policy.
The better news is that the UK has also been rated by McAfee as having some of the strongest cyber-defences in the world. In the coming weeks the effectiveness of this shield will be on display as never before.