On February 24th the people of Ukraine woke to a deafening barrage of rocket fire striking both civilian and military infrastructure. War had broken out on the European continent for the first time in over 27 years. Yet unbeknown to the public, the conflict had begun hours before the devastating attack had been prepared.
The satellite company Viasat, used by Ukraine’s military for command and control, was breached by Russian hackers using a devastating new form of malware called AcidRain. AcidRain wiped out all system data, permanently disabling the machines and taking out Ukraine’s military communication capabilities in the early days of the war – with deadly implications for forces of the ground.
This so-called hybrid war strategy, attacking both physical and virtual targets, is not new, but it could be coming to our shores – and the UK is not ready to face it.
Britain can expect massive coordinated cyberattacks on our military and infrastructure in retaliation for our support of Ukraine and other foreign policy issues.
A key vulnerability to these attacks is how we store, process and transmit our data.
For example, most people driving through Slough probably do not realise they are in the world’s second-largest data hub: 30 enormous data centres within a few minutes’ drive of each other, housing vast quantities of highly sensitive military, business and personal information. Are these sitting ducks for a one-swipe cyber or hybrid attack, producing destruction and disruption on a grand scale?
In the hybrid context, co-location and other data storage issues need to be addressed in the government’s cyber security strategy but also by our armed forces and intelligence services.
A partial solution is simply to reduce the distances between our key security operations and the data centre. American company Palantir, which helped develop the NHS Covid data store used to track and respond to the virus’s spread, switched its security operations for UK customers from the United States, allowing it to monitor threats and issue critical software updates locally in the event of an attack on undersea internet cables.
Another option is to embrace modularity. Companies like DataQube provide miniature data centres that can be placed almost anywhere, from sensitive military facilities to unused retail space on the high street. By diversifying and spreading where we store our data we can reduce risk and ensure continuity.
Long term data security also requires a steady and sustainable energy supply – few are aware that the internet uses 10% of the world’s energy. In response, British companies are leading the way in data centre sustainability. A secure server that cannot be run because it is drawing too much energy is as useful as a machine gun without any ammunition.
Companies across the UK are helping the Government and wartime critical sectors to be fit for purpose in an increasingly unpredictable world. However, embracing a decentralised network of energy efficient infrastructure will add a layer of physical security, helping everyone rest easier knowing there is insurance against devastating effects of hybrid war.
David is currently Chief Executive Officer at Cambridge based flexible data centre company DataQube. Views expressed in this article are those of the author, not necessarily those of Bright Blue. [Image: Nasa]
