Skip to main content

Cyber Warfare

Volume 691: debated on Monday 15 March 2021

What steps his Department is taking to reduce the risks posed by technological advances in cyber warfare to the UK’s critical national infrastructure. (913321)

What steps his Department is taking to reduce the risks posed by technological advances in cyber warfare to the UK’s critical national infrastructure. (913327)

What steps his Department is taking to reduce the risks posed by technological advances in cyber warfare to the UK’s critical national infrastructure. (913328)

The threat of cyber-attack on UK interests is real. Every day, we witness malicious interference from adversary states and hostile actors. We are continually protecting our systems and have previously called out activity from Russia, China and Iran. Our defensive cyber programmes are delivering on an extensive suite of capabilities, but cyber defence is only part of our approach. A core element of broader deterrence is integrating our offensive cyber-capabilities into our military operations.

I thank my right hon. Friend for his answer. I particularly welcome the fact that the National Cyber Force will be based in the north-west of England. In saying that, may I urge the Secretary of State to look sympathetically at hosting it in Lancashire? We already have a really strong track record of supporting our armed forces, from the thousands of men and women who sign up from our county to manufacture the Typhoon and, hopefully, the Tempest in the future.

I certainly hear what my hon. Friend says. As another Lancashire MP, I am conscious of the good news which the Prime Minister announced that the force will be based in the north of England. Obviously, we will go through the processes of selecting where it is to be based. I think of the lessons that we learned when Bletchley Park and its successors moved to Cheltenham, as opposed to a big city. The impact that that had in levelling up the area is something on which we should all reflect. It is incredibly important that, in our whole levelling-up agenda, we focus not just on cities but on towns as well.

Our Prime Minister and Secretary of State are backing the north by developing the National Cyber Force here. Some say that it should be in Manchester, but others say Lancashire. Surely Bolton is the place for it, with a foot in Greater Manchester, but our heart firmly in Lancashire.

It is tempting to ask for Bolton as well as Warrington to be returned to Lancashire following the reforms of the early 1970s. I must declare that I was once a secretary for the Friends of Real Lancashire. I think, Mr Speaker, you were probably a co-secretary with me at one stage. I hear my hon. Friend loud and clear. The strengths of these mill towns is clear. Whether it be Bolton, Wigan, Warrington, Preston, in my constituency, or Chorley, their contribution to Britain’s industrial base and the next generation, which is obviously cyber, should not be undervalued. I will certainly listen to all the arguments put forward. The National Cyber Force is a mix of GCHQ and the Ministry of Defence. We have a proud record of supporting the MOD and defence in the north, and I look forward to that continuing.

I welcome the weekend’s announcement that a full-spectrum approach will be taken to the UK’s cyber-capability. Can my right hon. Friend confirm that the integrated review will include a strategy for working with industry, great and small, so that robust cyber defence can be maintained across our entire economy?

After the Defence Command Paper is announced on Monday, a week today, the defence industrial strategy will be launched the following day, which will give us an opportunity to indicate investments not only in our more traditional industrial base, but in the new and future domains, such as digital, cyber, space and so on. This is incredibly important. Britain is one of the world leaders in both applying our cyber-technology and investing in it, and I predict that the strategy will have something to say about that.

May I, on behalf of the official Opposition, offer my tribute to the service of Sergeant Gavin Hillier and say to his family, his friends and his comrades that our condolences are with them?

I certainly welcomed the weekend news that the integrated review will commit the UK to full-spectrum cyber, as the hon. Member for Rushcliffe (Ruth Edwards) has just said, although I strongly feel that announcements of important Government policy such as that should be made in Parliament and not in the press. Is not the wider security lesson from cyber and other grey-zone threats that more civil and military planning, training and exercising is required? Given that some countries are well ahead of us, will the integrated review catch up with the need for full-spectrum society resilience?

I hear what the right hon. Gentleman says, but I would take issue with it on one thing, and that is about us catching up. I was the cyber-security Minister—I was the Minister of State for Security—for a considerable period of time. Britain actually led the world both in NATO, where we were the first to offer cyber-offensive capability, but also through our programmes. The national cyber-security programme spent billions on enhancing capability right across not just military, but predominantly the civil sector. The National Cyber Security Centre is a first; there are almost none in Europe.

We are one of the first to have such a centre to be able to advise business, private individuals and the Government how to keep themselves strong and secure. There is always more to do and there are lessons to be learned around the world, but Britain has a lot of innovation and strengths in cyber-security. It is a dangerous world out there in cyber. I certainly agree with the right hon. Gentleman that one of the ways to deliver this is to ensure that we constantly work with our friends and allies.

Does my right hon. Friend accept that while the cyber-threat to critical national infrastructure can paralyse a society that is then subject to attack by more conventional means, we also have to maintain the methods and equipment to counter-attack anything involving conventional military force? Is he satisfied that the integrated review, while recognising the role of cyber, also recognises the continuing role of conventional defence?

My right hon. Friend makes a valid point; we absolutely recognise that. The important thing about the Command Paper and the integrated review is learning the lessons of today. The lesson that we learned from Syria was that when we tackle Daesh, we tackle its cyber-offence and cyber-campaign in tandem with the military campaign that we used to take apart its leadership and the evil tasks that it was setting out to cause attacks. It is absolutely the case that there cannot be one without the other, but we should also recognise that the growing vulnerability of our forces and civil society to cyber as we become more dependent on cyber means that we have to take a very strong lead in defending against that.