Tobias Ellwood
Main Page: Tobias Ellwood (Conservative - Bournemouth East)Department Debates - View all Tobias Ellwood's debates with the Ministry of Defence
(10 years, 2 months ago)
Commons ChamberRead Full debate Read Hansard Text Read Debate Ministerial Extracts
Mr Arbuthnot
Well, there are pluses and minuses to having a unified structure, and there are risks in having a siloed approach. I said this is the responsibility of everyone, and so it is. I shall explain how wide that responsibility extends.
Mr Tobias Ellwood (Bournemouth East) (Con)
Further to that, although a number of Departments have an interest, was my right hon. Friend assured by the MOD—within his sphere of responsibility—that there is a single individual in charge? I understood from reading his Committee’s report that the Joint Forces Commander is currently responsible, but the intention is to have the Chief of Defence Intelligence involved as well, and perhaps to appoint a three-star Defence Chief Information Officer. The report did not make it clear to me where we intend to go. The Americans have a four-star in charge. Is my right hon. Friend convinced that there will be an individual clearly responsible for the MOD’s part of the spectrum?
Mr Arbuthnot
Things have moved on since our Committee reported. There is somebody in overall command and that is my right hon. Friend the Minister for the Armed Forces, who will, I have no doubt, set out precisely how things have moved on when he responds to the debate. That is the purpose of Select Committee reports, and I am pleased about that.
The Committee was particularly concerned that the armed forces are now very dependent on information and communications technology and if those systems suffered a sustained cyber-attack, their ability to operate might be fatally compromised.
Mr Arbuthnot
The hon. Lady is quite right. We are groping towards it, but we are not quite there. One of the benefits of this debate, of our report and of the Government’s response is to help us move to a better place.
Mr Ellwood
My right hon. Friend makes an important connection between the business community and state operations. I am concerned that state operations do not have the funds to attract the necessary expertise—geeks, my right hon. Friend called them—when they are in demand in the civilian sector. Banks and so forth pay huge sums of money to make sure they are able to fight off any cyber-security issue. Does he agree with a stance that my hon. Friend the Member for Canterbury (Mr Brazier) might take—that there is a need to make sure that those in the reserve forces who actually have such skill sets through working in businesses can work in the MOD as well?
Mr Tobias Ellwood (Bournemouth East) (Con)
In a hands-free, wireless, bluetooth enabled world, how would any of us cope without access to our mobile phone or computer data for any duration of time? Our lives and livelihoods depend on those assets, and they would change fundamentally if they did not work. The recent flooding in Dorset affected electricity and caused some households to reach for the candles. What a new experience that was for a generation of people who perhaps take our world a little bit for granted. They believe that all these things that we enjoy are there and will not be challenged.
I welcome this debate, and I commend the Defence Committee and its Chair for their report. My concern is that we are debating something that is changing almost daily and yet the report was printed on 26 March 2012. In answer to my interventions at the start of the debate, the Minister made it clear that changes have been introduced, but even they will be out of date given the pace of change in this area.
As we move into an ever more digital and virtual world, we are increasingly exposed to attacks not just on personal data and intellectual property but on state operations, from air traffic control systems to electricity grids. Cyber-attacks are simpler and cheaper than a dirty bomb. We no longer see robbers running in to rob a bank; it is all done electronically. This is the world that we now need to recognise.
Two years ago, I attended a course at Harvard university on national and international security. A cyber-security expert borrowed a laptop. He then purchased and downloaded $16 of software, and managed to tap into Boston’s traffic light systems. Had he taken it one step further, he would have been traced and got into trouble. None the less, he showed how easy and quick it would have been, with just $16 of software, to cause huge disruption.
Let me place this issue in perspective. In the development of warfare, there are occasionally seismic leaps in capability as new systems are introduced, and they force all of us to adapt. Going back in history, the longbow changed the outcome of the battle of Agincourt. The introduction of the cannonball changed the way in which ships attacked one another, preventing the need to go on board. The introduction of the submarine, the tank, the plane and the aircraft carrier all changed the conduct of war. As has been said again and again in this Chamber, cyber-technology will provide a new dimension, which we all need to understand.
I am a little saddened that the Chamber is so empty. I hope that it is not because I am on my feet.
Mr Ellwood
Thank you! The fact is it is the usual suspects who are here today, by which I mean those who are interested in defence matters. However, as my right hon. Friend the Member for North East Hampshire (Mr Arbuthnot) said, this issue does not affect just defence. It covers the business arena, the Home Office and the Ministry of Defence, yet we are not familiarising ourselves with the structures and processes so that we are at the front end of this capability. The speed of attack, if it happens, will be phenomenal. We have not yet seen anything on a scale that would fundamentally affect our lives, but there will be no build-up to such an attack. There will be no arms, tanks or ships mustering on the border; our lives will suddenly change when our computer systems no longer work.
The UK’s military equipment is increasingly vulnerable because of the complexity of its IT. What would happen if we lost the global positioning system? How would anything operate and could we cope? When I was at Sandhurst, we were taught how to use a compass. I am not sure whether that happens any more, but if the systems go down, that is what will be required.
Today’s statement on Ukraine reminds us of our involvement in the Crimean war and the charge of the Light Brigade. That infamous event took place because of a breakdown in communications, as by the time the orders reached Lord Cardigan, he had the wrong idea of what his mission was. Goodness knows what would happen today if we had insufficient resilience to communicate using our usual systems.
Knowing a little about Joint Forces Command, I understand the logic of placing cyber-security in that domain—it is wise that it is fed into the command—but cyber-security should have its own distinct command with its own expertise, as is advocated by some in the United States. Additionally, the relationship between the Global Operations Security Control Centre and the defence cyber operations group needs to be clarified for those of us who were unable to participate in the Committee’s inquiry. Will the Minister update us on bringing together disparate groupings and organisations within various Ministries through the GOSCC?
I support the call for the use of reservists. Banks and other financial services businesses are at the high end of ensuring that they protect their capabilities, so we need to determine how we attract people with the skill sets to do that job to work in the Ministry of Defence as well. Will the Minister tell us what is being done to encourage our NATO allies to improve joint capabilities? That subject might be suitable for discussion at the 2014 NATO summit, which will take place in this country. Given the damage and disruption that a cyber-attack might inflict, would a full-scale attack on another country be subject to article 5 of the North Atlantic treaty? Have rules of engagement been determined for offensive and defence cyber-operations?
I welcome this debate and I agree with my hon. Friend the Member for North Wiltshire (Mr Gray) that we should have defence debates more regularly. The House needs to understand this emerging threat that faces us all, as it is only a matter of time before a major strike takes place. I welcome the huge progress that the Government are making, but there is clearly much more to do.