DEFENCE – CYBER-SECURITY – 4 March 2014

Dr Julian Lewis: I am a little concerned that my right hon. Friend is bringing his arguments to a close, because he touched on one point that I was rather hoping he would develop. He said that the [Defence] Committee visited Estonia. For people who, like me, were not part of the Committee’s study, it would be extremely helpful to know in concrete terms a little more about what it discovered on that visit about what a cyber-attack by a hostile neighbour can really mean.

[James Arbuthnot: The Committee visited Estonia in 2009. It has still not been conclusively established who precisely was responsible for the attacks that took down much of that country’s banking system, although we have our suspicions – they may have been marching around in unmarked uniforms. We discovered that the attack had been comparatively easy to achieve. It was a distributed denial-of-service attack that did real damage. We also discovered the international centre of excellence in Estonia, which at that stage the Government were not contributing towards in dealing with cyber-attacks. I am delighted that they have since decided, perhaps as a result of our incredibly effective report, to contribute to the centre.

Sir Bob Russell: I was biding my time, but the intervention from the hon. Member for New Forest East (Dr Lewis) has prompted me to intervene. Has any evidence yet come forward to suggest that what is going on in Crimea has involved cyber-security breaches either way?

Mr Arbuthnot: If there is evidence of that, I do not yet know of it. All I can say is that before the invasion of Georgia there was an extensive cyber-attack on its computer network that was very similar to the one on Estonia. I suspect that it is now a new method of fighting wars that we must all get used to.]