POST (Parliamentary Office of Science and Technology)
States’ use of cyber operations
States are increasingly engaging in cyber operations to support their strategic aims. This POSTnote considers hostile state-backed cyber activities against the UK. It looks at how and why states use cyber operations against other nations and the threats these pose to the UK. It also considers mitigation measures, both internationally and in the UK.
‘Cyberspace’ typically refers to digital networks used to store, modify, and communicate information. It includes the internet but also other information systems that support businesses, services and infrastructure.
‘Cyber operations’ aim to achieve objectives in or via cyberspace. They can include gaining unauthorized access to computers, systems or networks to obtain information; and altering, deleting, corrupting or denying access to data or software.
States conduct cyber operations against adversaries for reasons including to gather information, influence political decisions, support military action or gain financially. Potential impacts include data breaches, website outages, and disruption to online services, telecommunications and supply chains.
The number and sophistication of cyber-attacks on the UK are increasing. In 2020/21, the National Cyber Security Centre (NSCS) dealt with 777 incidents (from non-state, as well as state, attackers), a rise of just over 30% in four years.
The UK Government set out plans for protecting and promoting UK interests in cyberspace in the National Cyber Strategy 2022. This included £114 m of extra funding for the National Cyber Security Programme to help deliver the Strategy over the next three years, which is part of a wider £2.6 bn investment in cyber and legacy IT. The Government is reviewing the Computer Misuse Act and has introduced the National Security Bill, which may help to strengthen the UK’s response to cyber threats from hostile states. It has also said it is willing to use cyber operations alongside its diplomatic, economic and military activities.
- Typically, states conduct cyber operations for espionage (to obtain data), to disrupt services, or to spread disinformation. Some states commit cybercrime for financial gain.
- Data collected through cyber-espionage may be used to gain political or commercial advantage. Government bodies, NGOs and think-tanks are common targets.
- Disruption in cyberspace has the potential to cause serious disruption in the physical world including to critical national infrastructure (CNI). States may pre-emptively enter an adversary’s network to gain a foothold for a future attack.
- States engage in disinformation operations for various reasons, including: to achieve political goals without escalation to physical warfare; to influence the international response towards a particular nation; or to erode trust, for example in authorities or democracy.
- Nations can be affected by cyber-attacks even if they are not the intended target.
- States may conduct cyber operations through their security and foreign intelligence agencies or via non-state proxies, such as private contractors.
- State-backed operations tend to coincide with a geopolitical dispute, may persistently target strategic assets, and may be especially sophisticated and resource-intensive. However, states also use simple techniques, such as phishing.
- The UK Government has stated that China and Russia pose the greatest of state-backed cyber threats to the UK, and that Iran and North Korea also have notable cyber capabilities.
- The UK is recognised as having world-class strengths in cyber security and cyber intelligence, according to a comparison of 15 states by the International Institute for Strategic Studies. The study noted shortfalls in the UK’s skilled cyber workforce, an inability to invest on the same scale as the US and China, and a lack of an industrial base to build and export equipment that may help to shape the future of cyberspace.
- The UK participates in international partnerships to share intelligence, best practice and cyber capabilities, including the Five Eyes alliance and NATO.
POSTnotes are based on literature reviews and interviews with a range of stakeholders and are externally peer reviewed. POST would like to thank interviewees and peer reviewers for kindly giving up their time during the preparation of this briefing, including:
- Dr Adrian Nish, BAE Systems*
- Dr Andrew Dwyer, Durham University
- Dr Bill Mitchell, BCS the Chartered Institute for IT
- Ciaran Martin, Oxford Blavatnik School of Government
- Dr Clare Stevens, University of Portsmouth*
- Conrad Prince, Royal United Services Institute (RUSI)*
- Dr Dan Lomas, Brunel Centre for Intelligence and Security Studies
- Darren Lawrence, Cranfield University
- Department for Digital, Culture, Media and Sport
- Emily Taylor, Oxford Information Labs
- Gabriel Basset*
- Home Office*
- James Sullivan, Royal United Services Institute (RUSI)
- Dr Jamie Collier, Mandiant*
- Jamie MacColl, Royal United Services Institute (RUSI)*
- Jeremy Hilton, Cranfield University*
- Joel Harrison, Milbank
- Joyce Hakmeh, Chatham House*
- Dr Kristian Gustafson, Brunel Centre for Intelligence and Security Studies
- Members of the POST Board*
- Ministry of Defence*
- Miriam Howe, BAE Systems
- National Cyber Security Centre (NCSC)*
- Dr Neveen Shaaban Abdalla, Brunel Centre for Intelligence and Security Studies
- Olivia Griffiths, Rebellion Defence
- Professor Philip Davies, Brunel Centre for Intelligence and Security Studies
- Dr Steven Wagner, Brunel Centre for Intelligence and Security Studies
- Stuart Aston, Microsoft*
- The grugq
- Dr Tim Stevens, King’s College London*
*denotes people and organisations who acted as external reviewers of the briefing.
Documents to download
|Academic Fellowships||Upcoming work||POST Publications|
Latest News from
POST (Parliamentary Office of Science and Technology)
Nuclear energy in the UK14/12/2022 16:15:00
Nuclear electricity is a predictable and low-carbon part of the UK energy mix, currently providing 15% of the UK’s electricity.
Diet-related Health Inequalities12/12/2022 11:38:00
A POSTnote that describes the impact of poor diet on health, the underlying causes and policy approaches to address them.
Creation of 4 new special inquiry committees07/12/2022 14:10:00
The House of Lords Liaison Committee publishes a report in which it recommends to the House four proposals for new special inquiry committees in 2023.
Mental Health Act Reform – Children and Young People04/11/2022 15:05:00
The UK Government has published a draft Mental Health Bill to amend the Mental Health Act (MHA) 1983.
Lords Committee expresses significant concerns about UK-Rwanda asylum arrangement19/10/2022 10:15:00
The UK Government should not have concluded the agreement to relocate asylum seekers to Rwanda as a mere political agreement without parliamentary scrutiny or legally enforceable safeguards, according to the House of Lords International Agreements Committee.
Performance, Inclusion and Elite Sports – Athletes with Differences in Sex Development12/10/2022 16:38:00
A POSTnote giving an overview of the scientific and ethical debate around policies regulating the participation of female athletes with differences in sex development (DSDs) in the female category of elite, professional sports.
Performance, Inclusion and Elite Sports – Transgender Athletes12/10/2022 13:05:00
A POSTnote giving an overview of the scientific and stakeholder debate on policies regulating the participation of transgender athletes in elite, professional sports.
Automation in military operations10/10/2022 12:33:00
Advances in robotics and digital technologies, such as artificial intelligence (AI), are enabling greater levels of automation across many sectors, including defence.