§ The Earl of Northeskasked Her Majesty's Government:
Whether, in light of the recent computer infection from the Sapphire worm (aka SQL Slammer), they are taking appropriate steps to protect United Kingdom servers from possible future high-speed viruses and "flash worms". [HL1985]
5WA
§ Lord Falconer of ThorotonThese issues are dealt with by the Government's National Infrastructure Security Co-ordination Centre (NISCC), set up to help protect the UK's critical national infrastructure from electronic attack.
NISCC has a 24/7 response capability and issues both warnings and best practice advice (for example, encouraging the protection of systems by regularly updating anti-virus software and by the application of fixes for known vulnerabilities).
Where NISCC discovers or is informed about a vulnerability, it will work with vendors and others to develop mitigating actions. It is especially careful about disclosing its knowledge about vulnerabilities before effective protective measures can be taken.
During the morning that "Slammer" spread. NISCC's rapid response team carried out a technical analysis, consulted with national and international partners, and issued a number of prompt alerts. No warning could have been fast enough to prevent some infection from a worm that spread world-wide in 10 minutes. This infection did however exploit a known vulnerability which NISCC had warned about some months earlier.
NISCC alerts, and other information, are e-mailed to government and CNI partners, but are also posted on its website for the benefit of all. NISCC has an outreach programme with the critical national infrastructure, is involved in government information security issues, and actively supports the formation of information sharing groups which can help raise awareness and improve appropriate levels of protection.
§ The Earl of Northeskasked Her Majesty's Government:
Whether they intend to update the Computer Misuse Act 1990 in light of the recent decision of the European Union Justice Ministers to approve new laws for dealing with computer hackers and spreaders of computer viruses and worms. [HL1987]
§ Lord Falconer of ThorotonOn 28 February 2003, approval of the general approach to the European Union framework decision on attacks against information systems was given by the Justice and Home Affairs Council of Ministers.
The Government are considering the extent to which the Computer Misuse Act 1990 and wider legislation deals with the requirements of the framework decision, and the related provisions contained in the Council of Europe Cybercrime Convention.
While existing UK legislation already covers the majority of the requirements of these texts as they relate to offences against computer and information systems, there will need to be some amendments to legislation in order to be fully compliant. These changes will be brought forward when parliamentary time allows.
6WA
§ The Earl of Northeskasked Her Majesty's Government:
How many reports of virus attacks or other computer crimes have been made under the confidentiality charter of the National Hi-Tech Crime Unit since its inception in December. [HL2041]
§ Lord Falconer of ThorotonIt is not possible to classify the number of reports made to National Hi-Tech Crime Unit (NHTCU) as a direct result of the charter which was launched on 10 December 2002. However, since this date the unit has noted a marked increase in the number of calls, reports and enquiries from business and industry. In some cases, the contact has been to enquire how the new charter works; in others, it has been to report an incident or occurrence. The unit believed that a high proportion of these reports would not have been lodged had it not been for the charter.
The confidentiality charter assists in developing the environment in which businesses can safely report suspicious hi-tech activity and attacks against computer systems without concern that this will cause interruption to their business. The charter, in contributing to a greater understanding of the range and amount of hi-tech crime which is being committed, will enable law enforcement and the Government to take effective action to deal with this threat.
The role of NHTCU in receiving reports of virus attacks is in addition to that of the unified incident reporting and alert scheme (UNIRAS) which receives reports of significant electronic attack incidents, threats, new vulnerabilities and countermeasures from its customer base and other commercial, government and international sources.