"Cyberspace" is the term used to describe the electronic medium of digital networks used to store, modify and communicate information. It includes the Internet but also other information systems that support businesses, infrastructure and services.
We all rely on the availability of these systems on a daily basis. A secure online environment is essential to HM Government, which is providing an ever-increasing number of online services to UK citizens and businesses as part of a major digital services transformation programme. The ability to conduct online transactions securely it is central to the delivery of public and commercial services and communications. However, some individuals and groups use cyberspace for malicious purposes. We call these people 'hostile actors' and they exploit cyberspace to conduct espionage operations or launch damaging computer network attacks.
A wide range of hostile actors use cyber to target the UK. They include foreign states, criminals, "hacktivist" groups and terrorists. The resources and capabilities of such actors vary. Foreign states are generally equipped to conduct the most damaging cyber espionage and computer network attacks.
Hostile actors conducting cyber espionage can target the government, military, business and individuals. They use computer networks, for example, to steal large volumes of sensitive data undetected. This might include intellectual property, research and development projects, strategic data on a company's merger and acquisition plans, or any other information that the owner might want to protect.
Cyber espionage should be viewed as an extension of traditional espionage. It allows a hostile actor to steal information remotely, cheaply and on an industrial scale. It can be done with relatively little risk to a hostile actor's intelligence officers or agents overseas. We call this activity Computer Network Exploitation (CNE).
Hostile actors can also use malicious software (or malware) to disrupt and damage cyber infrastructure. This can range from taking a website offline to manipulating industrial process command and control systems. Such activity is known as Computer Network Attack (CNA).
Cyber espionage presents a real risk to the economic well-being of the UK. It poses a direct threat to UK national security.
The Centre for the Protection of National Infrastructure (CPNI) produces a range of advice and guidance to help protect the country’s essential services against threats to national security. This includes protective measures for cyber security. CPNI also works in partnership with GCHQ/CESG on cyber security. Other useful sources of information for individuals and businesses include the Get Safe Online website and GOV.UK.