US, UK agree to closer collaboration on cyberwarfare
The countries' intelligence agencies will work together and conduct cyberwar games later this year to test the security of financial institutions.
Former CNET contributor Don Reisinger is a technology columnist who has covered everything from HDTVs to computers to Flowbee Haircut Systems. Besides his work with CNET, Don's work has been featured in a variety of other publications including PC World and a host of Ziff-Davis publications.
At a joint press conference Friday, US President Barack Obama and UK Prime Minister David Cameron committed to expanding their countries' collaboration to fight cyber warfare and crime.
"Given the urgent and growing danger of cyberthreats, we have expanded our collaboration on cybersecurity," Obama said. Cameron said the countries would "deepen our cybersecurity cooperation" in an effort to "keep pace with new threats."
Though the two world leaders provided little detail about the expanding collaboration, UK intelligence agency Government Communications Headquarters (GCHQ) announced on its website Friday that it will work with its "US partners" -- presumably the National Security Agency, which is its closest analogue in the US -- to collaborate "on cybersecurity by establishing a joint cybercell, with an operating presence in each country." MI5 and the FBI are also in on the collaboration, according to an interview Cameron conducted with the BBC earlier Friday.
"Aimed at strengthening mutual cyberdefense, [the collaboration] will bring together agencies and law enforcement and allow staff from each agency to be co-located, enabling information and data to be shared at pace and at greater scale," GCHQ said in a statement.
The increased collaboration comes after years of cyberattacks made by countries around the world. China, Russia and the US have all been implicated in attacks but have largely remained silent, blaming others for hacking networks and companies. China has been cited as one of the more active cyberthreats, allegedly attacking everything from the US Chamber of Commerce to government networks to US corporate networks in order to obtain intellectual property. When charged with the threats, China has often said critics should look at the cyberactivities engaged in by the US.
Cyberwarfare came into the spotlight more recently when Sony Pictures was hacked late last year. The hackers, calling themselves Guardians of Peace, leaked unreleased films, private e-mails between executives, information on employee salaries and much more. The group also suggested there would be terror attacks against theaters that screened "The Interview," a film depicting the assassination of North Korea leader Kim Jong-un. Those threats disrupted Sony's release plans for the movie. The US charged North Korea with being behind the attacks.
Though it was rumored Cameron would be making cyberwarfare a key component in his agenda with Obama, reports earlier this week suggested that the prime minister would urge the president to call on US companies to make their user data more easily accessible -- something that was not mentioned Friday.
Since former NSA contractor Edward Snowden leaked classified documents that detailed the agency's surveillance practices, including efforts to hack into US tech companies' servers, those firms and others have grown increasingly disenchanted by the US government and have turned to encryption to safeguard user data. Apple, for instance, has gone so far as to make items sent through its Messages platform irretrievable by anyone other than the sender and recipient.
Governments around the world took issue with the move (and similar decisions made by other companies like Google), saying the tech firms were providing a safe haven for would-be terrorists. Prior to this week's meeting, and following the Charlie Hebdo terror attacks in Paris, Cameron called on US companies, including Facebook and Twitter, to make user data easily accessible to governments in order to help law enforcement agencies battle criminals and terrorists.
Cameron, who's seeking re-election later this year, said that if he wins, he'll require all tech companies to make data accessible to governments under some sort of legal framework.
A key component in the US-UK collaboration will be cyberwar games, according to Cameron. He told the BBC that the countries would be conducting cyberwar games later this year to test the security of banks across London. Cyberwar games have already been going on, but those efforts will be ramped up this year, Cameron said.
The president and prime minister argue that the overall collaboration will provide better security and more protection for companies and people in both the US and UK. But not everyone is so sure.
"This is a response to the fact that the past year has summoned in a new era in terms of cyberwar and data breaches," Chris Boyd, a malware intelligence analyst at security firm Malwarebytes, told CNET in an e-mailed statement Friday. "The hacking of critical infrastructure, companies and government targets was once considered taboo and too technically difficult for nation states and criminal groups. This is now no longer the case.
"Technical teams need to be given the freedom, resources and time to ensure this is more than just a PR exercise," Boyd continued. "Today's advanced attacks are carried out by creative, skilled teams who are not burdened by the limitations of government bureaucracy -- something which needs to be replicated for such an initiative to flourish."