Cybersecurity in the UK
By Adam Clark
Cybersecurity is the practice of protecting IT systems, devices, and the data they hold from unauthorised access and interference (known as cyber attacks). This briefing focuses on policy and legislative efforts to improve the UK’s cybersecurity. It does not discuss cyber in the context of military operations.

Cybersecurity policy is a reserved matter, as are many related policy areas such as national security, product safety and consumer protection. In devolved matters, such as education, the devolved administrations have their own strategies for implementing the UK Government’s overarching cyber policy.

Who carries out cyber attacks?

The cyber threat to the UK comes from a range of actors, including state and state-sponsored groups, financially motivated criminal organisations, and ‘hacktivists’ with political aims. The boundaries between these groups can be unclear. For example, cyber criminal groups can operate with the implicit backing of states, choose targets for political reasons, or sell their cyber attack services to others (known as ‘as-a-service’ business models).

How are cyber attacks carried out?

Cyber attacks typically involve malicious software (known as ‘malware’) being executed on the target’s system. Malware is an umbrella term for various types of software designed to damage, disable, and extract data from computer systems. Cyber attackers deliver malware to the target’s IT system by exploiting technical vulnerabilities and human error, then run the malware to achieve their aim (such as stealing or encrypting data).

An estimated 95% of cyber attacks succeed because of human error. This includes ‘active’ errors such as opening malicious email attachments and ‘passive’ errors such as using weak passwords.
Research Briefing.
London: House of Commons Library, 2024. 68p.