Internet should be prepared for 'militarisation': UK ministry report

Stephen Bell looks at a report on cyber-conflict called The Global Cyber-Game

A recently published report on potential scenarios of cyber-conflict, The Global Cyber-Game, says it is inevitable that the internet will be "militarised" -- used to serve the needs of military conflict between nations -- and that ICT will increasingly be both an important means and a target of such conflict.

Published as the result of a lengthy study by the UK's Defence Academy -- the educational and academic liaison unit of the Ministry of Defence -- the report calls for the internet to be significantly "hardened" from a security perspective, in order to avoid adverse effects for all its users.

There is also a strong warning to governments that in their eagerness to use information technology as a weapon of war against other nations, they should avoid creating malware that will "proliferate" and cause wider harm.

Rising alarm

Transparency is a likely part of any scenario of digitally mediated conflict or competition, the academy says. During the current period of "rising alarm" over possible cyber-warfare, "information transparency is likely to be a persistent reality," it says. "All strategy and policy should be made as if it will become public."

The report attempts to systematise interactions between nations, and between other actors such as hackers (in both the neutral and pejorative sense), organised crime and civil society.

The template for this is what the academy calls the "Cyber Gameboard" -- a 3 x 3 matrix of squares. One dimension is information-related, considering hardware infrastructure (connection) software (computation) and the knowledge it produces and influences in the human mind (cognition).

On the other dimension the three divisions represent modes of interaction -- conflict, cooption and cooperation. Cooperation has been the staple of the internet as it has grown, but there is an increasing atmosphere of cooption -- "the ability to draw customers into dependence on successful information platforms. This puts a few very large information companies such as Microsoft, Apple, Google, IBM, Cisco, Juniper, Huawei, etc. in very powerful positions."

On the basis of this board, the report attempts to model such incidents as the presumed US-Israeli Stuxnet attack on Iranian nuclear centrifuges and China's exercise of its "cyberpower" -- including the suspicions surrounding Huawei's connections with the Chinese government and intelligence agencies. It admits, however, that information on such incidents is far from complete and unambiguous.


There is a growing risk that the internet will be "Balkanised" -- divided into national islands operating according to government dictates, the report says.

This will be done in the name of national security and the protection of sovereignty, but risks imperilling the further progress of the major benefit that the internet has brought -- that expert knowledge from any part of the world can be readily acquired and a variety of opinions deriving from different philosophical and political bases brought to bear on a question.

Better decisions

One of the primary impacts of the internet is a global increase in the quality of decision-making because of the ease with which experts on any topic can be located and consulted. This applies equally to academic collaborations, business decisions, policy deliberations, and personal life. Though hard to quantify precisely, "the long- term impact of generally better decision-making at every level due to the ability to source expertise from anywhere in the world on an as-needed basic cannot be overstated," the academy says.

Increasing traffic

Internet traffic growth is accelerating exponentially, and according to Cisco was up 42 percent in 2011. Cisco estimates that internet traffic could grow from its 2011 level of about 300 exabytes a year to about 1300 exabytes (million terabytes) a year by 2016.

"Unfortunately the internet was not designed with the expectation of current or expected traffic levels, or security threats, and has a number of known, and no doubt unknown, vulnerabilities that make it potentially liable to sustained catastrophic outage."

The report in its entirety (110 pages plus 10 pages of bibliography and references) can be read at

Join the CSO newsletter!

Error: Please check your email address.

Tags Government use of ITDefence Academysecurityinternetgovernment

More about AppleCiscoGoogleHuaweiIBM AustraliaJuniperMicrosoft

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Stephen Bell

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place