Vigilance Urged over IT Security

Vigilance urged over IT security
Computer systems running health, energy and other national services remain vulnerable to attacks and accidental damage, say MPs.

The all-party Parliamentary IT body Pitcom said MPs needed to remain vigilant about the threat when passing laws to do with "critical services".

It highlighted the danger of knock-on effects on the national infrastructure, in an "increasingly networked world".

Attacks on telecommunication and power centres could be "catastrophic".

In its first briefing on the politics of information technology, Critical Connections Under Strain, it stressed that the complex relationship between various computer systems meant one was vulnerable if another was attacked.

In particular, in the telecommunications and power industries, it could "potentially trigger a cascade of other problems with catastrophic results".

Parliamentarians cannot afford to take their eye off the ball in this ever more complex and fast-changing field
Andrew Miller MP

Its report found the Buncefield oil explosion had knocked out a hospital's admissions system, by destroying the offices of an IT company.

And it highlighted the case of a fire in a BT cable tunnel in Manchester in 2004, which knocked out 130,000 land lines and disrupted internet services and communications between police forces and paramedics.

It said the internet, with its roots in US defence research, had been designed to be resilient.

Slow development

But the restrictions of the UK's small number of "internet peering centres" - locations where internet traffic is exchanged between regions or countries - meant UK communications were much more vulnerable than people realised.

Satellite and wireless alternatives to internet communications were also taking too long to develop, the report said.

Businesses added to the vulnerability as many lacked any formal security policy, did not educate staff about security responsibilities and failed to carry out background checks on staff.

Laws needed to be updated and loopholes closed, the report found.

The committee also looked at the new Serious Organised Crime Agency, saying it may need more money to fight cyber crime throughout the UK, rather than focusing only on major population centre.

Pitcom chairman Andrew Miller MP said much good work had been done by the government and technology industry to "create safeguards and back-up systems across our critical services".

"But parliamentarians cannot afford to take their eye off the ball in this ever more complex and fast-changing field," he said.

"All new legislation which impacts on the provision of such services needs to take IT issues and in particular IT security into account."