Source · Select Committees · Defence Committee
Recommendation 6
6
Paragraph: 59
It is important that the Government continues to call out cyber-attacks from adversaries on the...
Recommendation
It is important that the Government continues to call out cyber-attacks from adversaries on the international stage and works to find a deterrent to counter them. There is currently a lack of global rules regulating international cyber-attacks and the Government should work with allies to formulate a system to provide accountability for perpetrators. The Government should clarify why it is not deploying a cyberattack capability to deter aggressors.
Paragraph Reference:
59
Government Response
Acknowledged
HM Government
Acknowledged
The Government is committed to promoting stability in cyberspace based on the application of existing international law, voluntary norms of responsible state behaviour and confidence building measures supported by coordinated and targeted capacity- building programmes. The UK works with the European Union, North Atlantic Treaty Organisation, the Organisation for Security and Cooperation in Europe, the United Nations, and bilaterally to protect the future of a free open, peaceful and secure cyberspace. We aim to enhance partners’ capabilities, understanding of and willingness to use deterrence tools to increase international pressure on threat actors and counter hostile state activity in cyberspace. We regularly provide information about threats to help our partners to counter them, share information on our approach to deterrence and coordinate with partners on how to respond to state-directed malicious cyber activity. The UK will not tolerate malicious cyber activity and will react robustly and proportionately to the threat. We are vigilant to these threats, wherever they come from, and we are ready to defend against them. The UK government has exposed those responsible for a range of the most destructive and disruptive attacks, identifying actors in North Korea, China, Russia and Iran. seek to gain by attacking the UK will be outweighed by the consequences. We consider the employment of offensive cyber as part of our broader approach to deny benefits and impose costs on those who conduct malicious activity against the UK, including malicious cyber activity. Our cyber operations are designed and delivered by the recently announced National Cyber Force, a Defence and intelligence partnership. However, we are conscious that deterrence is but one strategy to deal with malign cyber activity and that other strategies may, in some circumstances, be more effective. We reserve the right to react asymmetrically, at a time and place of our choosing, in line with our values and the law.