Britain and the west are becoming embroiled in a “clash of values” with Russia and China over the rules governing the internet, ministers and spy chiefs have warned in the UK’s first national cyber review published since 2016.
Threats to the UK in cyberspace are “evolving and diversifying” they added, and argued that Britain has to improve its offensive cyber capabilities – and its wider digital skills base – to meet the challenge.
“Cyberspace will become more contested as state and non-state actors seek strategic advantage,” the review said, with a particular warning that powerful autocratic states want to influence internet and technology standards.
“Debates over the rules governing cyberspace will increasingly become a site of systemic competition between great powers, with a clash of values between countries that want to preserve a system based on open societies and systemic competitors like China and Russia who are promoting greater state control,” the report said.
It is the latest in a string of vocal warnings from Britain’s intelligence community about cyber competition between the west and Russia and China, the latter of which was considered a close potential trading partner less than a decade ago when former prime minister David Cameron wooed President Xi Jinping.
Last month the MI6 chief, Richard Moore, said the spy agency had to recruit technology firms to help it stay ahead of both countries in what are considered strategic areas such as artificial intelligence and quantum computing.
British officials are also concerned about the potential to manipulate technologies for surveillance, warning that Chinese law requires companies based in the country to assist “state intelligence work” if asked. They have also accused both countries of trying to steal Covid-19 vaccine secrets in the early phases of the pandemic.
But there was also a warning that high-end cyber threats could spread further beyond Beijing and Moscow, and become “commoditised and proliferate to a wider range of states and criminal groups” – an apparent reference to the widespread use of the powerful Pegasus spyware by a growing range of countries.
This October it emerged, in an English court ruling, that “servants or agents” of Sheikh Mohammed bin Rashid al-Maktoum, the vice-president and prime minister of the United Arab Emirates, had, on the balance of probabilities, hacked phones belonging to his ex wife Princess Haya and two of her British divorce lawyers.
The national cyber strategy was last produced in 2016 and aims to bring together a global threat analysis together with strategies to deal with it, including last year’s creation of a National Cyber Force, the first offensive hacking unit formally acknowledged by the UK.
Although the document declined to spell out any specific operations conducted by the NCF since its inception, but the strategy did list out some potential operations including disabling terror groups “command and control communications” and “degrading adversary weapons systems” without saying how this might be done.
The new strategy is underpinned by a £2.6bn investment previously outlined in this year’s spending review. Ministers also announced a new “Cyber Explorers” online training platform aimed at teach young people cyber skills at school.