The Government's Cyber Security Strategy of the United Kingdom, published alongside and reflected in the National Security Strategy update of June 2009, considers a number of methods of cyber attack, including those that generate high levels of radio frequency power that can damage or disrupt unprotected electronics. It also outlines the new governance structures and workstreams which are now building on existing work to take forward the Government's plan for reducing the impact on and vulnerability of the UK's interests from cyber attacks.
The Centre for the Protection of National Infrastructure (CPNI) provides advice on electronic or cyber protective security measures to the businesses and organisations that comprise the UK's critical national infrastructure, including public utilities, companies and banks. CPNI also runs a CERT (Computer Emergency Response Team) service which responds to reported attacks on private sector networks. In addition, the Communications Electronic Security Group (CESG) provides Government Departments with advice and guidance on how to protect against, detect and mitigate various types of cyber attack.
It would not be in the interests of national security to publish information about specific vulnerabilities, assessments or protective measures relating to electromagnetic pulse attack.
I have been asked to reply.
The threat to the UK's cyber security from the effects of an electromagnetic pulse (EMP) is specifically highlighted in the fourth bullet of paragraph 2.8 on page 14 of the Cyber Security Strategy of the United Kingdom published in June 2009, referred to by its alternative (non-nuclear) title of High Power Radio Frequency (HPRF) transmission. The Cyber Security Strategy did not sub-classify the origin of HPRF threats into solar or deliberate.