Michael Fallon

- Hansard -

Copy Link

- - Excerpts

We continue to address this issue through sanctions and through the political work of the European Union. NATO is implementing the decisions taken at Newport, which will see NATO’s responsiveness increase significantly. We have offered four Typhoon aircraft for next year as part of the ongoing policing mission, and the deployment of 3,500 troops as part of NATO exercise activity this year and next. We have also offered a battlegroup and a brigade headquarters as part of the new very high readiness joint taskforce.

Michael Fallon

- Hansard -

Copy Link

- - Excerpts

My right hon. Friends the Foreign Secretary and the Prime Minister have been in discussion with our allies about the role that the Turkish Government could play in the middle east. For the Turkish Government, as the hon. Lady will know, it is an extremely complicated situation, but it is important that all the neighbours of Iraq and Syria contribute to the effort to prevent Iraq from falling apart and Syria from falling into further bloodshed.

Mr Hammond

- Hansard -

Copy Link

- - Excerpts

The hon. Gentleman will know that the Foreign Secretary went to Erbil on his recent visit to Iraq. The British Government’s position is clear: we need to keep Iraq as a unified state. The one thing that I heard in every one of the capitals I visited in the Gulf is that Iraq needs to remain a unified state. We should devote our efforts to trying to achieve that outcome—a unified state with a pluralistic Government.

Mr Hammond

- Hansard -

Copy Link

- - Excerpts

The UK has excellent military-to-military relationships with Jordan. We send troops there for training for our own purposes and we provide technical support and assistance to the Jordanian armed forces. Many Jordanian officers come to the UK for training. We will continue to support the Jordanian armed forces and the Jordanian Government in every practical way we can.

Mr Philip Hammond

- Hansard -

Copy Link

- - Excerpts

Whether to bring the second carrier into service is a decision for the SDSR in 2015, as we have always been clear. Equally, I have always been clear that my personal view is that when one spends £6.4 billion of taxpayers’ money building two ships, one had better strain every possible sinew to operate them both.

Mr Hammond

- Hansard -

Copy Link

- - Excerpts

It is for NATO as an organisation to set the agenda for the summit, not the UK; we merely host it and pick up the bill for doing so. We have been in the lead in seeking to agree across the member states a statement about the future financing of NATO, a statement that will answer the challenge—I referred to it earlier—that the United States has been persistently and quite legitimately raising over the past couple of years. I am confident that we will have a positive statement to make at the NATO summit.

Mr Hammond

- Hansard -

Copy Link

- - Excerpts

The agenda for the NATO summit is a matter for NATO members, not for the host country, to determine. From the discussions I have had with my NATO ministerial colleagues, I do not think there is any appetite for a NATO-Russia meeting during the course of the summit in Wales.

Mr Hammond

- Hansard -

Copy Link

- - Excerpts

I have regular discussions with my Polish counterpart and, as I mentioned a few moments ago, my hon. Friend the Minister responsible for international security strategy will travel to Poland on Wednesday for further such discussions.

Mr Hammond

- Hansard -

Copy Link

- - Excerpts

I am happy to join my hon. Friend in congratulating the Royal Engineers on the role they have played. There is a continuing detachment of Royal Engineers inspecting thousands of flood defences around the country, triaging them so that the Environment Agency can target its specialist engineers on those most at risk.

Mr Hammond

- Hansard -

Copy Link

- - Excerpts

The hon. Lady is understating the case—one of the reasons most certainly is fear of what the costs will be. The MOD’s position is clear: we would like to do more to support the civil authorities, and we want to make sure that the defence budget is neither advantaged nor disadvantaged from doing so. That implies a full marginal costing recovery regime, and I have written to my colleagues at the Treasury suggesting that we look at a change to the regime to make the situation much clearer to the civil authorities in advance.

Mr Arbuthnot

- Hansard -

Copy Link

- - Excerpts

I am sure that my hon. Friend is right in saying that the Government are well aware of where some of these attacks are coming from. I do not agree that it would be relatively easy to counter them, because these threats are developing at a frightening speed, as the hon. Member for Barrow and Furness (John Woodcock) said. The diversity and development of these threats is changing on a second-by-second basis.

I am pleased to say that the Government are taking action to make the UK more resilient to cyber-attacks. It has established a new computer emergency response team in early 2014, CERT-UK, to improve the co-ordination of national cyber-incidents and to share technical information among countries. The Government set up a new cyber-incident response scheme in GCHQ to help organisations recover from a cyber-security attack. They have extended the remit of the Centre for the Protection of National Infrastructure—the CPNI—to work with all organisations that may have a role in protecting the UK’s critical systems and intellectual property. They have agreed with regulators in essential services a set of actions to make sure that important data and systems in our critical national infrastructure continue to be safe and resilient. As I have said, responsibility for cyber-security rests principally with companies and organisations themselves. Government agencies’ roles will be limited by available resources and national priorities.

Mr Arbuthnot

- Hansard -

Copy Link

- - Excerpts

The hon. Lady is quite right. We are groping towards it, but we are not quite there. One of the benefits of this debate, of our report and of the Government’s response is to help us move to a better place.

Mr Havard

- Hansard -

Copy Link

- - Excerpts

The short answer is yes. The other aspect is who can be engaged to help to do such things. As the hon. Gentleman, who is on the Defence Committee, will know, the structuring of things to ensure a reserve capability is hugely important. The way in which the process is being put together is correct; there will be no monopoly on understanding in the areas we are discussing. We need as good a collaboration as possible. The delivery of the processes will not always be remote. Intelligence and knowing what is happening, where and with whom will be crucial. I shall come to that later.

The other question that comes up is about the law—I mentioned legitimacy earlier. I am helping to lead a sub-study in the Defence Committee of the military and the law. That is coloured, obviously, by Supreme Court decisions, individual cases and all the rest of it. The issue raises questions about international law, humanitarian law, extra-territorial jurisdiction and other things. An argument is being put that says, “We don’t need anything to be separate. This is a different domain, but all the current legal constructs are good enough and we do not need anything different.” I come back to my earlier point. We need to be clear about doctrine. In large part, our doctrine is public. Some, however, may not be as public as we would like, but we need to be clear about how we do things.

Mr Havard

- Hansard -

Copy Link

- - Excerpts

I do not know, but in the sense that I think I do know, I think that our legal structure is not sufficient and needs revision. I may be wrong, but that debate has to take place and people more qualified than I am need to comment.

It is interesting to note where our allies are. The United States has and has not made all sorts of declarations. If we believe The New York Times, there was a secret legal review that concluded:

“US military forces could legally launch an attack on digital infrastructure located in a foreign country if it found evidence of a threat against its own systems”.

A rules of engagement debate then starts. That is the other difficult bit—we will have to have rules of engagement for such activity. The more we discuss legitimacy in law for these things, the better. If we do not have such a discussion, the issue will be forced on us. That is what we are seeing now in a lot of other areas, so we should structure how we wish to have the debate rather than having a structure imposed on us.

Proportionality is at the guts of the whole business of international law, human rights and legitimacy. We have to show that proportionality is there and that we have mechanisms and systems to ensure that it is. Simply claiming that it is there will not be good enough.

We are not on our own. We need to be joined up not only internally within the United Kingdom, but internationally. We do not have time to go fully into this now, but it is interesting to see Russia’s current adventures in Ukraine. In September 2011, Russia and China said to a UN group that they wanted a code of conduct for cyberspace that would include requirements for co-operation in

“curbing dissemination of information which incites terrorism, secessionism, extremism or undermines other countries’ political, economic and social stability, as well as their spiritual and cultural environment”.

Well, there we are—now we know. Translating that into current events will tell us a lot. That proposed code of conduct was about closing things down and giving legitimacy to the avoidance of dissent and to having systems that are less rather than more open. How we collaborate in this area will be important.

When he was Secretary of Defence in America, Bob Gates said that he could protect .mil, .gov, .org or .com, but that as the protection systems were put in, the public might not like what they saw on .com. That debate is not only to do with defence, but defence has a place in it. Whether there should be a code of conduct and the international arrangements are problematic issues, but there is a growing urgency around them.

At the end of the day, the issue can be about the collection of raw information and the sending of viruses to blow up particular equipment. That is the geeky stuff—the weaponisation and the sexy stuff that the press love. However, at the end of the day, those and other actions are only as good as the intelligence that exists to put them into effect. One area of investment that must not be lost in the question of cyber-issues is defence intelligence. In my opinion, we have the best intelligence analysts and they need to be developed.

We can collect the raw information, but if we do not understand it we will go nowhere with it and make the wrong decision. Investment discussions should please not just be about technical toys, GCHQ and all the stuff about weapons; they should also be about intelligence analysts. Let us protect the capability. The issue is about a whole force, but also about a whole community. Those people are vital in that community and investment also needs to go to them.

Jack Lopresti

- Hansard -

Copy Link

- - Excerpts

I thank my hon. Friend for his helpfully timed intervention. He is absolutely right. Sometimes it is difficult or impossible to determine that an attack has taken place.

On offensive cyber-capability and action, a recent article published by the Royal United Services Institute said that Stuxnet, the malware supposedly used to attack Iran’s nuclear weapons capability, was not successful in delaying Iran’s technical progress. With hindsight, some have seen Stuxnet as a hindrance to diplomatic solutions. I am not sure I entirely agree with that analysis, but it is interesting. Cyber-space is being described as the fifth domain of warfare, so its defence and protection from attack are integral to the operation of our nation’s defence infrastructure.

My last point is whether we are spending enough, which is not an easy subject in a time of fiscal austerity. Last week, Chuck Hagel, the US Secretary of Defence, outlined a vision for a leaner US defence posture with reductions in the US army to a pre-1942 position. However, at the same time, he rightly proposed increased spending on cyber-defence.

Jack Lopresti

- Hansard -

Copy Link

- - Excerpts

Yes, I agree, but obviously we are talking about different scales.

I am fully aware that the issues I have raised today are not easily solved, but I fully commend the Government for the progress they have made so far.

Mrs Madeleine Moon (Bridgend) (Lab)

- Hansard -

Copy Link

- - Excerpts

I apologise, Madam Deputy Speaker, for not standing up. I thought the hon. Member for Filton and Bradley Stoke (Jack Lopresti) had sat down to take an intervention, but slowly it came to my mind that he had finished his speech.

It is an honour to follow the hon. and gallant Gentleman. I share his concern about an attack on our national infrastructure, but we sometimes focus on things such as banking and transport when we should perhaps look at our food supplies or our hospitals. The impact of such an attack on the civilian population and the country’s morale would be huge. We must address resilience to a cyber-attack and we must engage the civilian population in understanding and preparing for that.

T he Chairman of the Defence Committee and I were given a book for holiday reading: “One Second After”. That delightful read, which probably wrecked my summer, was a description of the United States after an electro-magnetic impulse attack had taken out all its computer-based systems. Everything went. No cars could go on the road and nothing would work. It was a scary prospect and I now understand why the Defence Committee’s Chairman runs a car that does not have a computer in it. I am sure the book was a great influence in the decision to purchase that car.

The book also made me aware of the very narrow issue of who is the enemy. In traditional warfare, we tend to know who we are fighting, but in future we may be fighting criminals who are holding the country to ransom. We could be fighting terrorists, because a state is not needed to manufacture a cyber-attack, or activists or anarchists. It has been suggested that some of the attacks in Estonia were by third-party actors. At the bottom of the list is the potential for a state to attack, because states like rules and the rest do not follow rules. That is why they must be our focus, our worry and our concern.

A statement made in 2012 informed us:

“Our cyber defences blocked around 400,000 advanced, malicious cyber threats against the government’s secure intranet alone”.

On the whole, we do not know where those threats are coming from. We do know that the Government have given a commitment to having full-spectrum capability in dealing with cyber-attacks. In fact, in response to the growing number of cyber-attacks, the Secretary of State said that

“we are developing a full-spectrum military cyber capability, including a strike capability, to enhance the UK’s range of military capability. Increasingly, our defence budget is being invested in high-end capabilities such as cyber and intelligence and surveillance assets to ensure we can keep the country safe.”

I was very interested in that statement, so it sent me off on a little tangent, as such things often do.

As the Minister, who has received many of my quirky little requests for information, will know, I sent off a parliamentary question to every Department asking them how many specialist IT staff they employed who had a PhD in computer science, who had a master’s degree in computer science, and perhaps who even had just a basic bachelor’s degree in computer science. It did not bode well, I have to say. The Ministry of Defence can rest on its laurels; it came second to the Department for Work and Pensions, with 1,625 such members of staff. None of the Departments could break the information down by qualification across Departments, which could explain why Government are not very good at commissioning cyber-capability and improved computer networking capability. Only 5,088 people, in total, held a degree-level capability in computing. It was depressing to note that the Department for Culture, Media and Sport had only three people with such a qualification, so we should watch out for its contracting.

Mrs Moon

- Hansard -

Copy Link

- - Excerpts

I did, and most Departments responded that they worked in specialist teams, as we would expect.

Interestingly, the response from Her Majesty’s Treasury told us that a total of 48 people are employed within its centralised IT department, or teams. Those staff provide IT services to the Cabinet Office and to the Treasury. That compares with 57 people in 2008 who worked exclusively within the Treasury, so the numbers are going down, and that has to be a matter of concern. As people with these skills are increasingly highly valued in the marketplace, can Government stay ahead of the market in being able to recruit them?

I was worried about the budget and looked into that aspect. We have heard about the figure of £650 million over five years, which is a mere fraction of the figure for the annual economy, which is set to lose £27 billion every year to criminal activity in the cyber-realm. In contrast, the US Department of Defence has outlined a $23 billion spend on cyber operations in the financial year of 2018 alone.

I thought that I would then have a look at how well we were doing in this area. I discovered, rather alarmingly, that the Government had withdrawn from a new cyber-warfare project called Project Cipher, which was intended fully to scrutinise complex programmes to ensure that they had the potential to meet our needs. After thorough assessment, it was decided that Cipher would not meet the full defence capability required to offer long-term value for the taxpayer, and so the programme was not taken forward. The costs of the stalled project, in the assessment phase alone, had been £66 million, so we have lost a large percentage of the money set aside for cyber, and they were £47 million above the original budget. Overall, this was a major disaster. IHS Janes has said that the project was

“intended to renew the MoD’s cryptographic inventory and automate its crypto-key management systems by replacing obsolete current systems to prevent encoded communication links being compromised.”

I understood half that sentence. The important bit is that it was intended to replace obsolete current systems, because Departments are not good at replacing obsolescent systems. They tend to work things for the length of a Parliament, which is now five years, when we all know that these computers are dying on their feet after about the first two years.

IHS Janes continued:

“The delays in bringing Cipher online are creating capability risks, says the NAO, because the ministry’s existing crypto capability lacks the flexibility to deliver the flagship Network Enabled Capability project, which aims to link up a wide range of military communication networks. This means efficiency savings relating to the automation of crypto capability has been delayed, leading to increased demands on military manpower.”

It explained that the problems with Cipher’s design first emerged during an assessment phase and that they were the result of the lack of suitably qualified experienced civil servants—you will be surprised to hear that, Madam Deputy Speaker. One of the essential things that we must do if we are to be responsible in looking to the defence of this country is to find the way to employ and retain the capability that we need within government to provide the skills and oversee the systems that we operate to keep this country secure.

There has been considerable discussion about having a cyber reserve. I have had conversations with a number of companies that have told me that they are very worried about their employees joining the reserves because they fear for them when they have to travel abroad. Many international companies work around the globe, and they worry about someone who has been in our cyber reserve and transfers to work in another country, or merely travels through a country perhaps on business or on holiday, being prone to personal attack because of the information they would hold not only on their company but on the UK’s cyber-defence capability. I hope the Minister is aware of that concern and will address it.

This is perhaps one of the most urgent and pressing issues affecting this country. We have to take it seriously across every Government Department, but we also have to alert our citizens to the fact that they are now on the front line, because the attack may come from their personal computer, which could be hacked and used for an attack not only on this Government, but on other Governments.

Mr Hammond

- Hansard -

Copy Link

- - Excerpts

I can assure my hon. Friend that those people did not die in vain. They have delivered stability in Afghanistan that it could only have dreamed of a decade ago; they have made substantial progress in delivering the infrastructure of a functioning state; and they have protected us from terrorist attacks that could otherwise have originated from that territory. All I can say to my hon. Friend is that the footprint post-2014 will be, as I have set out, based around the Afghan national officer academy, but even that will be at risk if we do not get the bilateral security agreement signed and a NATO status of forces agreement in place.

Mr Hammond

- Hansard -

Copy Link

- - Excerpts

I think Mr Steinmeier was merely articulating a view that is shared by all NATO partners. We cannot operate without a status of forces agreement that will protect our own forces from exposure to Afghan judicial processes. We must be able to deal with forces’ discipline issues ourselves, and to assure any forces we put into theatre that they will not be subject to local jurisdiction; without that, we will not be able to operate. I think the Afghans understand clearly that no bilateral security agreement and no status of forces agreement means that there will be no foreign forces in Afghanistan.

Dr Murrison

- Hansard -

Copy Link

- - Excerpts

I think that many of us will go on a voyage of exploration as we explore our family histories during the four-year period. I know that my hon. Friend has long-standing Sussex ancestry. May I take this opportunity to congratulate his daughter, who I understand has just joined the Army Reserve?

Dr Murrison

- Hansard -

Copy Link

- - Excerpts

I absolutely agree with the hon. Lady, as she would expect. There will be opportunities throughout the four-year period to commemorate not just fighting soldiers, but the population at large and women in particular. It is important to note that this was the first total war that we experienced. It would therefore be bizarre if we did not commemorate the contribution of the whole population, rather than simply commemorating our troops, important though they were.

Mr Hammond

- Hansard -

Copy Link

- - Excerpts

As was mentioned by the shadow Secretary of State, just before Christmas I published the trajectory of recruiting targets for the reserves that we will have to meet to deliver on our commitment of 30,000 trained reservists by 2018. I have given the House a commitment that we will publish the out-turn figures on a quarterly basis. Aside from the numbers, anyone who looks at the Army recruiting website will start to see measurable, noticeable improvements by the end of this month, as some of the interim solutions start to take effect.

Mr Hammond

- Hansard -

Copy Link

- - Excerpts

To interpret the hon. Lady’s question, I am clear that the problems with the ICT platform are not initial difficulties. We have made a clear decision that the Atlas platform is not fit for this purpose and have asked Capita to develop a dedicated platform for Army recruitment.

However, I think that the hon. Lady is probably referring to the wider challenge of recruiting the necessary reserve numbers. She is right to say that there are two components to that. There is the technical challenge of processing recruits through the pipeline. I have admitted to the House on a number of occasions that the system is very clunky, which is partly but not exclusively because of problems with the ICT platform. There is also the wider challenge, in the face of societal change and public attitudes, of encouraging people to want to join the Army Reserve and encouraging employers to want to support employees in joining the Army Reserve. It is very early days, but the signs are encouraging. I have no doubt that I will continue to report to the House as the evidence becomes more readily available over the course of the year.

Mr Dunne

- Hansard -

Copy Link

- - Excerpts

I am very confident of the food supply chain for mince pies, having visited the factory supplying our troops in Helmand earlier today.

The national security risk assessment rates the short to medium-term disruption to essential resources including food as a tier 3 risk. The UK currently enjoys a high degree of food security in terms of access, availability, resilience and variety of food supply. The main role for the MOD in securing international food supply chains and other critical resources is, in co-ordination with others, to police international sea lanes, which supply the vast majority of imports to the UK of food and other essential resources.

Mr Brazier

- Hansard -

Copy Link

- - Excerpts

I am grateful to my hon. Friend for her kind words. My essential point is that Parliament recognised, when the Territorial and Reserve Forces Act 1907 was put through, that reservist recruitment would never work if it were simply run by the Regular Army. It does not work. There is no reserve army anywhere in the world that is effectively run by its regular counterpart. We need a strong independent body. This new clause, which my right hon. Friend the Secretary of State has generously said he will accept, will put the body that used to do this job very effectively into a powerful position as inspectors.

Mr Brazier

- Hansard -

Copy Link

- - Excerpts

I am not sure that I heard the last few words of the hon. Lady’s intervention; would she mind repeating it, as I could not quite hear?

Mr Brazier

- Hansard -

Copy Link

- - Excerpts

A whole string of changes affecting the recruiting group are already taking place, and I am sure that the Secretary of State will address some of them. The key point—I am really grateful for the hon. Lady’s support in signing my new clause and in raising questions in the Select Committee and so forth—is that we would not have lost 18 months if people had listened to the RFCAs, to which all this was painfully obvious 18 months ago, instead of having some regular officers arrogantly cracking on without talking to the units or the RFCAs.