UK intelligence agency GCHQ wants to monitor the networks of private companies that operate critical infrastructure, according to a report in the Daily Telegraph.
The newspaper reports that GCHQ has enlisted the help of Prime Minister David Cameron to help persuade those companies to grant it access. It claims Cameron has met with British Airways, BT and the National Grid to discuss the plans.
Security minister Baroness Neville-Jones told the paper that the government had not yet achieved ‘buy in’ from all the relevant companies. She also denied that the plans threated the privacy these companies’ customers. "“What this partnership will not do is start breaking boundaries that we have around privacy and personal data”, she said.
GCHQ’s plan highlights one the predicaments facing the government in tackling cyber attacks – that many of the networks that could be targetted are operated by private organisations.
A recent report from US-Russian think tank the EastWest Institute argued the co-operation of private orgainsations is essential in cyber security. "The protection of critical infrastructure … is a basic business affair of the private sector, where ownership often resides," it said. Plus, "the primary affiliation of most [cyber security] experts is a private sector company or academic institution," it noted.
Last week, a software engineer at British Airways – one of the companies linked to GCHQ’s plans – was convicted on four terror related charges. Rajib Karim was found have been conspiring to plan terror attacks, including a cyber attack on BA’s own systems.