Chemical engineer warns lawmakers about UK’s cyber weaknesses

THE UK is routinely targeted by cyber attackers, with China and Russia posing the greatest state-backed cyber threat, says a parliamentary briefing report by IChemE’s 2021 Ashok Kumar fellow, Amber Keegan.  

In her report, conducted as part of a three-month placement working at the UK Parliamentary Office of Science and Technology (POST), Keegan said while the UK has world-class strengths in cyber security and intelligence, the country lacks a skilled cyber workforce. Furthermore, the problem is exacerbated by inadequate funding, when compared with countries like the US and China, and the lack of an industrial base to build and export equipment that may help to shape the future of cyberspace. 

Although building a full picture of the cyber operations conducted globally is difficult, said Keegan, due to concerns over reputational harm, business disruption or simply an unawareness of a security breach, she notes that the number and sophistication of cyber-attacks on the UK are increasing.  

As many as 777 incidents (from non-state and state attackers) were dealt with by the National Cyber Security Centre (NSCS), an arm of the Government Communications Headquarters (GCHQ), in 2020/21. That’s a rise of 30% in four years, Keegan reports. 

However, the Home Office says that UK industry, academia, defence and business sectors are also routinely targeted by foreign states. Although the largest proportion of cyber intrusions (49%) were financially motivated criminal operations, at least 18% were by state or state-backed groups, looking to obtain data (espionage), disrupt services, or to spread disinformation. 

Keegan’s briefing note (POSTnote), States’ use of cyber operations, comes as parliament considers the National Security Bill, and the UK Government reviews the Computer Misuse Act - the UK’s main piece of legislation regarding computer-dependent crime. The Computer Misuse Act (CMA) was drafted in 1990 and although it has been updated several times to reflect continued changes in technology and cyber security, the last significant update came in 2015. As such many now believe the law is out of date.  

Along with reviewing existing counter-espionage laws and Acts, a range of measures including, improving skills, raising basic cyber security, and developing cyber technologies, standards and offensive capabilities, should be implemented to combat cyber-threats, Keegan notes. 

Keegan, a University of Sheffield chemical engineering postgraduate student, will be sharing lessons from her fellowship experience, as well as explaining more on her report in a free webinar on 23 November.  

The Ashok Kumar Fellowship is a jointly funded project by IChemE and the Materials Processing Institute which honours its namesake, the only serving chemical engineer in UK Parliament at the time of his sudden death in March 2010. 

“The POST Fellowship was an incredible experience and has shown me just how widely the chemical engineering skillset can be applied. It was the engineering skills of problem solving, attention to detail and analytical thinking that helped me quickly understand a complex new topic and draw out key messages,” Keegan said. “I would encourage anyone who loves engineering and is interested in exploring more about how it can impact society to apply for a POST Fellowship.”