Understanding the cyber threat key to UK defence, says NCSC

Understanding cyber threats is key to defending the UK and ensuring it is a safe place to do business, says the National Cyber Security Centre

The National Cyber Security Centre (NCSC) has underlined the importance of understanding the true nature of cyber threats at the inaugural Cyberthreat conference in London, hosted by the NCSC and the Sans Institute.

The key roles of the NCSC are to reduce cyber attack risk, respond to national cyber incidents, nurture the UK’s cyber security responsibility and, most importantly, understand the threat, said Paul Chichester, director of operations at the NCSC.

The work the NCSC does around cyber threats involves working out a UK response to things like NotPetya, but also includes the capability to identify what threat actors are responsible for particular threats, which in the case of NotPetya turned out to be Russia.

“The decision to attribute threats is ultimately a political one when it is in the national interest, but the work NCSC does underpins the UK government’s ability to do so if it chooses to,” Chichester told the conference designed especially for members of the UK’s growing network of cyber defenders.

The conference is aimed at filling a key gap in the UK cyber security conference calendar, bridging the public-private sector divide, and showcasing UK talent, skills and technologies.

“This is part of delivering on the NCSC’s commitment to encourage and foster a better understanding of the cyber threat, and how best to counter it,” Chichester told Computer Weekly ahead of the conference.

“We want cyber security to be enabling, and not a hindrance,” he told attendees of the conference. And in light of the fact that the NCSC is more often judged on what it shares than on what it knows, he said the NCSC would increasingly share intelligence about threat actors and their methods.

James Lyne, head of research and development at the Sans Institute, said it was heartening to see such a good turnout at a hands-on technical cyber security conference, which is designed to replicate the US-based technical conferences that foster the development of a technical community and give rise to new discussions and concepts.

As a result, the conference includes the opportunity to work in teams to hack the conference badges, security challenge booths focusing on different areas and a two-day team-based capture the flag competition, which includes technical challenges spanning a variety of disciplines to break down silos, boost understanding of how to collaborate with other specialists in cyber security and to teach participants about techniques used by cyber adversaries.

While some big security suppliers are represented at the conference, Lyne told Computer Weekly that smaller organisations that are not security companies but have “good people doing good [cyber security-related] work” are also represented, to expose case studies and tools that “go beyond the usual suspects” found at most security conferences.

From zoology to computers

Kicking off the presentations was well-known UK veteran “bug hunter” David Litchfield, who now lives and works in the US.

Litchfield recounted how he was first inspired by David Attenborough to be a zoologist, but was then inspired by the 1995 cyber thriller film “The Net” to switch his attention to the world of computers and cyber security, cutting his teeth working in computer support before moving into computer security in the early 2000s.

Several years of exciting bug hunting and the inevitable long-running exchanges with big software suppliers followed as he discovered multiple ways of exploiting code and bypassing security controls.

“In 2007, I realised there was always going to be security vulnerabilities and there would always be zero-days exploiting those vulnerabilities,” said Litchfield, which led him to switch tack again to breach investigations to hunt attackers in the hope of catching them.

In the longer term, the NCSC plans to build on Cyberthreat 2018 to further address the lack of technical cyber security conferences throughout the UK and Europe as a whole.
