Lord Toby Harris Logo

Archive for the ‘Defence’ Category

Jun 12,2011

Behind the Sunday Times paywall or on page 26 of the newspaper itself is what may be the scariest story in today’s newspapers. According to the article:
“An Israeli attack against Iran’s nuclear facilities last year was averted after Binyamin Netanyhu, the prime minister, met robust opposition from the army and Mossad, the intelligence service, which warned that it could lead to an all-out Middle East war.”
The article then gives lots of convincing details before warning that
“There are indications that an attack may be under consideration again.”
It then cites a programme of air raid drills in Israel, long-haul flight exercises by the Israeli air force and various briefings.
There is no doubt Iranian nuclear intentions are a serious threat to Israel and the stability of the region, but a free-lance response by Israel is equally disturbing.

Jun 5,2011

High-level legal guru, Stewart Room, gave an excellent presentation at last week’s East-West Institute Global Cyber Security Summit.  In it he called for a “general obligation for security”, saying:

“I believe that holders of sensitive data, the controllers of important networks, systems and infrastructures – and their supply chains – should face a clear legal requirement to keep these assets safe and secure. As well as describing the obligation, this general security law should describe the consequences of failure.”

He pointed out that:

“It is naive to think that all relevant actors will do what is necessary to protect these assets without a clear steer from the law. Ignorance, laziness, apathy, short sightedness and greed are all powerful counterweights to enlightened self interest.”

He also highlighted the dangers of simply addressing the problem through the prism of the protection of personal data only.  Intellectual property is currently being leeched from corporate data systems all over the world – an issue repeatedly referred to at the Summit.  Likewise the vulnerability of national infrastructure systems – including power grids and water supplies – is also now increasingly apparent.

He warned that:

“In the UK and most of the rest of Europe the law for security is effectively left to reside in the domain of privacy and data protection law. This is a grave mistake. …  it gives the mistaken impression that the law only sees security as being important in the context of the handling of personal data. Of course, we all know that the substance of security extends much further that this. The impact of this problem is worsened by the fact that far too many people and organisations do not take data protection law seriously. Thus, the law is not properly driving behaviours.”

And there may be unintended consequences:

“This gives effective ownership of the field to people who are the least competent to manage it. I am talking about a small cadre of data protection regulators and bureaucrats, who are so slanted toward privacy that they may unwittingly encumber us with anti-security policies, which could jeopardise the health of cyberspace, our economies and our societies.”

He concluded byasking “what will a general obligation for security look like?”:

“Aside from removing the issue from the privacy and data protection domain and describing the nature of the obligation to secure assets and the penalties that may flow in breach, a general obligation for security will capture:

1. Critical definitions. We need to agree the parameters and make sure that we are all talking the same language.

2. The traditional “cyber crime” subject matter, dealing with the criminalisation and prosecution of unacceptable behaviours of hackers, botnets and others whom attack information and information systems. The interests of law enforcement should be properly served.

3. The role of the private sector cyber security industry, so that innovation in IT solutions can continue. We are totally reliant upon the private sector for security solutions, so we must give it our full support.

4. Intelligence sharing between the public and private sectors and across geographical boundaries.

5. The need for identification measures for people and machines operating in cyberspace. Privacy should not provide a cloak for criminals and anti-social behaviour.

6. The right for people and organisations under cyberattack to take offensive action in their defence. This is probably the most controversial point. But we need to ask ourselves whether it is morally right to tie the hands of those under attack. And we need to be sure that we do not open Pandora’s box.”

Whilst ideally this needs a solution in international law, a good start would be made by legal changes in this country to establish a better and more robust framework, whilst British Ministers argue for European-wide changes via Brussels and press the case through the G8 and G20 fora.

There was a palpable sense of urgency about the need for change at last week’s summit.  I hope it was felt by Francis Maude MP, who is apparently now the Minister in charge of cyber-security, and that he takes it back to his Government colleagues.

Mar 21,2011

I was intrigued by this unsigned article on Homeland Security Newswire earlier today which suggests that the current UN-approved bombing campaign in Libya is rather half-hearted and without clear objectives:

“The weekend attacks on targets inside Libya raise more questions about NATO’s ultimate goal in the campaign.

Here is what we know about the attacks on Libya, based on reports by the BBC and Fox News: On the military front

    • The United States fired 124 Tomahawk missiles onto strategic air defense systems across Libya.
    • There were no reports of any allied planes being lost and no reports of civilian injury.
    • A total of 15 U.S. Air Force and Marine Corps aircraft engaged Libya, including three B2 bombers. The bombers targeted pro-Qaddafi ground forces.
    • The U.S. has at least eleven naval vessels in the Mediterranean, including three submarines, two destroyers, two amphibious warfare ships, and the USS Mount Whitney, a command-and-control vessel that is the flagship of the Navy’s 6th Fleet.
    • Also in the area are Navy P-3 and EP-3 surveillance aircraft.
    • Qatar is to send four planes to join the coalition enforcing the UN-mandated no-fly zone. The move would make Qatar the first Arab country to play an active part in the campaign against Col Gaddafi.
    • Other Arab countries are also preparing to join the campaign against Col Gaddafi, Vice Adm. Bill Gortney, the director of the Joint Staff, said, adding that those governments would make their own announcements in due course.
    • The build-up of forces to enforce the no-fly zone continues. The French aircraft carrier Charles de Gaulle has left the Mediterranean port of Toulon for Libya.
    • Denmark and Norway are each sending six planes. Spain has sent at least three planes, plus a refuelling aircraft, while Italy also has jets ready to deploy.
    • In a news conference on Sunday, a Libyan military spokesman said its armed forces had ordered a ceasefire across the entire country, beginning at 21:00 local time (19:00 GMT).
    • Despite the announcement, the BBC correspondent says that pro-Gaddafi troops have tried to enter Benghazi and have been in action at Misrata.
    • A rebel spokesman in Misrata told the BBC that pro-Gaddafi forces had launched fresh attacks on Sunday with heavy shelling.

On the political front

    • The head of the Arab League, who supported the idea of a no-fly zone, has criticized the severity of the bombardment. “What is happening in Libya differs from the aim of imposing a no-fly zone, and what we want is the protection of civilians and not the bombardment of more civilians,” said Arab League Secretary General Amr Moussa. Arab League support was a key factor in getting UN Security Council backing for the resolution authorizing the move.


1. It is not clear, exactly, what targets have been attacked – and what is the overall goal of the campaign. Libya does not have an army the size of Iraq’s circa 2003, but an attack by 124 cruise missiles is on the limited side – and the numbers of planes involved is also on the small side.

2. This small-scale attack may – just may – disrupt Libyan air operations, but unless command, control, and communication facilities were destroyed as well, Gaddafi ’s ability to control his armed forces could not have been degraded by much.

3. Degrading Gaddafi’s capabilities is one thing, but unless the military capabilities – and training — of the anti-government rebels are augmented, they will not be a match to Gaddafi’s regular army, even if that army is shorn of its air assets.

4. The Sudanese campaign in Darfur demonstrated that men on camels need only AK-47s – and the Janjaweed were only AK-47-equipped men on camels — to kill a lot of people and terrorize even more. Unless Gaddafi’s regular units, and his tribal power base, are attacked, his ability to cause a lot of harms remains undiminished.

In short: If what we know about the weekend air campaign is accurate, then there is not enough in it materially to weaken Gaddafi and his forces, nor is there anything in it to strengthen those who oppose him.

The conclusion, then, must be that the campaign is more a part of a complex bargaining process with Gaddafi than a serious effort to topple him from power.

It would be wise for NATO leaders to be clearer about the goal of the campaign against Gaddafi. Democratic public opinion would demand it, and the Arab world, watching the West’s every move, should not be allowed to have unrealistic expectations about what it is we are trying to achieve.”

Certainly, it seems to me that the most likely outcome of what is happening at present is a gruesome stalemate with  Gaddafi in charge of a (reduced) rogue state.  And whilst this might be preferable to an alienated Gaddafi in charge of the whole of Libya, such an outcome is still very worrying and destabilising for the region (if not more widely) with nations like the USA, France and Britain appearing to be in the position of – yet again – bombing a Muslim country.

And will we – and the UN – take the same stance over other regimes in the region taking a similar approach as Gaddafi to dissent on their streets?

Probably not  is the answer.

None of these are easy issues for the UK Government. 

The only entertaining feature is watching Mayor Boris Johnson seeking to establish a little blue water between himself and his Party Leader over the issue, as Gaby Hinsliff tweets:

“& here’s Boris Johnson “helping” no 10 by explaining how risky #libya is. http://bit.ly/gQ1Tk3. note ref to risks of terrorist reprisal”

Feb 20,2011

The lead story on the front page of today’s Sunday Times (behind the paywall) proclaims “China gives £50 million aid for Olympics” and reports that:

“A Chinese company is offering Britain £50 million of ‘aid’ to put in a free mobile phone network in time for the Olympics.

Huawei, one of the worlds biggest telecoms equipment firms, is presenting the offer for the London Underground as a gift from one Olympic host nation to another.”

This proposal has the support of Mayor Boris Johnson.

However, as the Sunday Times warns:

“The offer has been made only two years after intelligence chiefs warned that China could have the capabilityto shut down Britain by bringing down its telecoms and utilities systems.

They raised fears that equipment already installed by Huawei in BT’s network could be used to cripple vital services.

A deal would see Huawei, which has close military links, install mobile transmitters along the ceilings of tunnels so that commuters can make and receive calls for the first time while travelling underground.”

I have been concerned about Huawei for some time.  We are breath-takingly complacent about the vulnerability of our critical national infrastructure and – particularly in the current economic climate – there seems to be no appetite from the Government to prevent huge chunks of it falling into foreign hands.

This is potentially another example – aided and abetted by Mayor Boris Johnson.

Not all Tories are so relaxed (and Mayor Johnson has a reputation for being very relaxed!): Patrick Mercer MP has pointed out:

“… it absolutely answers a terrorists’ prayers to be able to detonate devices on the Underground.  …  It has been proven that a proportion of the cyber attacks on this country come from China.  I wonder when the eyes of the world are upon us whether there is sense in using a Chinese firm to install a sensitive mobile network.”

These are serious matters and a serious London Mayor should not complacently give his support, presumably he hopes that if his eyes are firmly closed and his fingers are crossed that it will all be OK.


Feb 15,2011

There is an arrogance about the Conservative Coalition, especially in respect of those who will bear the brunt of their policies. 

There could not be a starker illustration of this than the story in today’s Sun, “Heroes sacked by email“, which reports that:

“TROOPS were stunned yesterday after 38 senior heroes including one on the Afghan front line were crassly sacked by EMAIL.

The shocked men – all warrant officers – were informed they were victims of defence cuts.

Each got an impersonal message advising them: “Start planning your resettlement.” One stormed: “I thought it was a joke.”

The MoD was branded “shameful and callous”.

The group, who all have more than 20 years’ service, includes a Royal Tank Regiment veteran unceremoniously dumped while serving on the frontline in Afghanistan. Another – who risked his life doing FIVE warzone tours – said: “It was out of the blue. We’re disgusted.

“Essentially 38 of us are ‘sacked’ having spent our lives in the military. It’s not good – five tours of duty and sacked by email.””

Shadow defence secretary Jim Murphy has responded to the news, saying the soldiers had been treated in a “callous, cold-hearted, soulless” way and called on ministers to take responsibility for the incident.

“We can’t halt every redundancy in the armed forces, but this is no way to treat men and women who have served their country fearlessly for so many years,” he told the BBC Radio 4’s Today programme.

“Sacking anybody by e-mail is wrong, but sacking our armed forces in this way is absolutely unforgivable.”

Is he bothered?

Are they bothered?

Expect more of this.

Dec 1,2010

I spent a large part of today sitting in on a table-top exercise designed to see how London’s police and other services and agencies would respond to a developing emergency on the streets of London.  It would be inappropriate to go into more details. However, it did bring home to me the importance and value of such exercises.

I will readily admit to once having been something of a cynic about such “war-gaming”.  The idea of bringing together quite a large group of people to act out how they would do their jobs in an imaginary set of circumstances at first sight could appear rather absurd.  Yet the evidence from de-briefs after real emergencies convinced me long ago that these sorts of exercises and practices have a real benefit.  Organisations or parts of organisations that only work together occasionally or only do so under normally fairly clearly-defined situations need to understand each other’s capabilities and practices in the very different circumstances that would apply in a major emergency.  Exercises mean that key individuals get to know each other, procedures are tested and worked through and – most importantly – potential problems are identified and can be resolved.

Although some of the reports from the inquest into the deaths of those killed in the July 2005 bombings have inevitably focused on those things that did not work as well as they might have done, much of what the witnesses have described has demonstrated how well London’s emergency services performed under the terrible circumstances of that day.  I know from those I have spoken to who were intimately involved how important previous exercises had been in planning for what unfolded five years ago and improving the collective response of the emergency services.

I am sure today’s exercise will have been similarly valuable, even though one hopes that the procedures tested never have to be carried out for real.  Several issues emerged where it was clear existing plans were inadequate or required further consideration.  And it has to be better to discover such problems in an exercise than in the middle of a full-scale emergency.

Nov 18,2010

We are told that there will be a revamped National Cyber Security Strategy published in the next few months.  This will explain what the £650 million of new money allocated for cyber security in the spending review will actually be used to deliver (I understand that Whitehall Departments are still bickering over who will get their hands on this money – the Ministry of Defence and the Home Office both believe it should come to them rather than the Cabinet Office).

However, I wonder whether it will also propose legislation.  In the United States a number of members of Congress are putting forward what they are calling the “Homeland Security Cyber and Physical Infrastructure Protection Act of 2010”.  This will give a statutory basis to the Office of Cybersecurity & Communications based in the Department of Homeland Security and would, in particular, create a new Cybersecurity Compliance Division to oversee the establishment of performance-based standards responsive to the particular risks to the .gov domain and critical infrastructure networks.

This is an interesting model.  In the UK, the Government bodies that are responsible for protecting the critical national infrastructure do not have a statutory basis and do not have any formal powers.  In my view, this hampered the effectiveness of the old National Infrastructure Security Coordination Centre, which is now incorporated into the Centre for the Protection of the National Infrastructure and falls under the ambit of the Security Service.

I have long advocated that underpinning the “voluntarist” and consensual framework Government needs to have a statutory frmaework that – in extremis – can be used to require Government agencies and those private companies that supply much of the national infrastructure to meet certain minimum standards and can direct action effectively in the event of some major problem arising.

Nov 15,2010

It is a sign that a politician has achieved a certain status when folk songs are written about them.

George Osborne’s cup must thererefore be running over about this:


Oct 26,2010

One of the lead stories on the BBC News this morning was “Police in training for ‘Mumbai-style’ gun attack in UK“.  This reported that:

“UK security chiefs have ordered an acceleration in police training to prepare for any future “Mumbai-style” gun attack in a public place.

A series of counter-terrorism exercises are being held with police marksmen training alongside units of the SAS.

Police armed response units are also being given more powerful weapons.”

There is no doubt that this issue is one of the current preoccupations of those concerned with security on the British mainland (and indeed elsewhere in Europe).  There is also no doubt about how difficult this would be to cope with given the current style of British policing.

Most police officers here are unarmed.  Even in London, where the Metropolitan Police has a higher proportion of armed officers than elsewhere (mainly because of static protection responsibility around embassies, Government buildings, Heathrow airport etc), only around one in ten officers are authorised ever to carry guns and the areas where there are routine armed patrols are very limited.

In Mumbai, over a three-day period in November 2008, ten terrorists operating in pairs with automatic weapons, improvised explosive devices, equipped with GPS and apparently communicating with a remote controller by mobile telephone, killed 173 people and wounded 308.  They applied hit and run tactics, were opportunistic, took hostages and established defensible positions.

By contrast,earlier this year in Cumbria, a lone individual, Derrick Bird, armed with two non-automatic weapons went on a killing spree which left twelve dead and a similar number seriously wounded before he killed himself.

Gross that tally up with more gunmen, automatic weaponry in a more populous area and the scale of what is possible becomes apparent.  For any Western democracy, planning a strategy to deal with a ruthless heavily armed coordinated attack in a populous city is no easy task.

Current training does not equip the police to deliver the sort of response needed to deal with Mumbai-style insurgents.  And it would be the police that would be likely to be the first on the scene.

For those who think Special Forces are the answer, it is worth remembering that the time for any conventional armed forces to be mobilised would be measured in hours –  and this would inevitably mean a very high casualty rate before any intervention could succeed.

It is no surprise therefore that the BBC reports that “David Cameron has taken a personal interest in the problem ever since his first threat assessment given to him when he took office in May.”

And there are real dilemmas.  Even in London – with more armed police to draw on – dealing with multiple mobile attacks would be extremely difficult and police tactics are focused on containing an incident – usually involving a single gunman.  Exchanging fire with heavily armed ruthless gunmen requires military-style engagement and different weapons and ammunition.  Police officers have not previously been trained in this way and not all of the currently armed officers would be suitable for such a task or willing to engage in it.

Such training will take time.

And even when units of suitably trained officers have been created, having them on continuous standby will be expensive and having such units on regular patrol will mark a massive movement away from the traditional vision of unarmed British bobbies-on-the-beat.

Today’s BBC report will no doubt start a public debate on the implications of all this, but the reality is that the face of British policing is likely to be changed forever as a result – particularly if the public expenditure review means that more conventional “traditional” policing has to be cut back to pay for it.

Oct 19,2010

I am told that some people are having trouble understanding the logic behind the decisions on aircraft carriers contained in the Strategic Defence and Security Review.

This will help:

Helpfully highlighted by Guido Fawkes.

And it was made three years ago ….