Lord Mackenzie of Framwellgate

- Hansard -

Copy Link

-

My Lords, I congratulate my noble friends Lord Reid and Lord Browne on their powerful contributions to this debate, which augur well for the future of the House. I also thank the noble Lord, Lord Jopling, for his chairmanship of the sub-committee, of which I am a relatively new member, and for securing this important and timely debate in your Lordships’ House. His stewardship and guidance were models of how an inquiry should be chaired.

Cybercrime is a growing threat to us all. In my experience, the criminal fraternity will always find new ways to achieve its objectives by harnessing new technology and resources to try to outwit the forces of law and order. Every week, we read of new fraudulent scams to relieve the citizens of Europe, and the world, of their hard-won savings or the use of the internet to groom and subsequently abuse our children. We also hear of new squads being set up by law enforcement agencies to deal with those threats. Indeed, as has been mentioned, we heard only this week from the head of GCHQ that the Government are the target of a thousand malicious e-mails each month. Of course, that figure is increasing in line with the growth of the internet by some 60 per cent each year. It follows that these criminal entrepreneurs—that is what they are—will be recruited by intelligence services of ill disposed foreign powers to penetrate the computer systems of the liberal democracies, epitomised by the European Union countries, either to obtain secret intelligence or to damage defence systems or the basic infrastructure, which we take for granted, of the country being attacked.

We all get unwanted e-mails. I will always remember that, a few years ago, when I first came into this House, there was a debate on spam messages in your Lordships’ House. I recall a very elderly Member of your Lordships’ House, who is unfortunately no longer with us, rising to berate the Government of the day for doing nothing about them. He said: “They are always advertising the same products: body enhancements, Viagra or inkjet cartridges”. He finished by saying indignantly, “My Lords, do I look like a man who requires inkjet cartridges”?.

Our inquiry heard evidence from a number of individuals and organisations, but it is fair to say that we were disappointed by the response to our call for evidence. None the less, we should thank those who responded and gave time to assist us in our deliberations. I am pleased that the Government’s response is broadly in agreement with the committee in its criticism of the Commission. Through our examination of specific examples of cyberattacks or disasters, it became evident that, although major disruption can be caused, Great Britain is indeed a leader in Europe in dealing with such disruption; others may well follow.

If the EU is seen as a club, the club rules should set standards for dealing with cyberdisruptions or attacks that all member states should aspire to uphold. We are only as strong as our weakest link. Unlike the European Union and the states within it, the internet has no borders and, in a global economy, with multinational corporations using the internet for business, it is imperative that we have a global response to large-scale cyberattacks or disasters. The development of international rules that are properly policed would deter some countries from turning a blind eye, for whatever reason, to such attacks from within their borders.

The Commission communication was therefore a little disappointing in its lack of global response to the growing threat. To attempt to bring down a nation’s communications system, transport or banking structure is tantamount to an act of war and it would be legitimate for an organisation such as NATO to be brought into play. Not only would that be using the collective wisdom and resources of the alliance countries, but it would act as a powerful deterrent, as it has to conventional threats. The Commission report was almost silent on that. There may be some value in holding joint exercises in that area to reinforce the essential need for more co-operation among NATO countries. In my experience, it is essential for member states to carry out exercises in this area to enable them to participate more fully in future joint efforts.

The European Network and Information Security Agency, ENISA, has been mentioned. It is an important body and exercised the committee greatly, because policing the internet and dealing with criminal enterprises in this area is important. It is to be hoped that the resources can be found to reinforce ENISA so that it can extend its role. Needless to say, I am rather disappointed once again with the lukewarm response to the committee’s recommendations, which seems to raise doubts about the existence of the agency. Perhaps in reply the Minister could give us further assurance on that.

Cybercrime and terrorist attacks are a fascinating subject and I have little doubt that they will exercise us in our deliberations in the months and years to come. As we used to say in the police service, the six “p”s apply: proper planning prevents pretty poor performance. I hope that our deliberations in this area add value to planning to prepare to deal with these matters before they happen.