New data revealed in Parliament shows that 34 UK government departments have IT security that is “red-rated” - the worst score possible on the scoring system used to determine the security of IT systems and devices.
11 of these red-rated scores were attributed to Ministry of Defense (MoD) systems which means these systems are highly exposed to cyber attacks and breaches, as well as being inefficient and unsuitable for use.
In other government departments, the Department for Work and Pensions had six red-rated systems, the Ministry of Justice had five, and the Home Office and Cabinet office had four apiece.
“We don't even get the basics right”
This data was revealed in Parliament in response to questions raised by MP Matt Rodda, the Labour Party’s artificial intelligence minister who responded stating, “The scale of this problem is completely unacceptable. The Ministry of Defence, the department primarily responsible for Britain's security, should not have such serious failings in its systems. We don't even get the basics right.”
He continued by saying that it is in the public interest to know if such failures amount to a national security risk, “as its own criteria would suggest.”
The Joint Committee on National Security Strategy released a report last month that found the Home Office had consistently given low priority to ransomware threats, with a further report showing that the current regulatory framework concerning cybercrime, known as the Computer Misuse Act, was introduced before the internet and remains outdated due to a lack of reform.
The report further criticizes the Home Office’s response to ransomware as a national security risk, stating that former Home Secretary Suella Braverman prioritized issues such as illegal migration and small boats, and “showed no interest” in the threat posed by ransomware.
Speaking to TechRadar Pro, ESET’s Global Cybersecurity Advisor Jake Moore, said, “This is extremely worrying especially when government systems are constantly targeted by numerous threat actors. Fixing legacy problems has always been a thorn in the side of the government but when national security is at risk, these issues need to be addressed immediately.
“Costs are often seen as the reason behind a slower uptake on such fixes but now it is seen as a serious risk, it should hopefully be recognised as essential investments in national security and a critical step towards safeguarding the country’s digital infrastructure.”
The Defense Ministry has said that £4 billion is being invested into its Defense Digital Reform Programme, with a government spokesperson further stating, “We take the issues of resilience and security of our IT networks extremely seriously and we have always ensured that government IT systems keep pace with technological change.”
More from TechRadar
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Before settling into journalism he worked as a Livestream Production Manager, covering games in the National Ice Hockey League for 5 years and contributing heavily to the advancement of livestreaming within the league. Benedict is mainly focused on security issues such as phishing, malware, and cyber criminal activity, but he also likes to draw on his knowledge of geopolitics and international relations to understand the motives and consequences of state-sponsored cyber attacks.
He has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham. His masters dissertation, titled 'Arms sales as a foreign policy tool,' argues that the export of weapon systems has been an integral part of the diplomatic toolkit used by the US, Russia and China since 1945. Benedict has also written about NATO's role in the era of hybrid warfare, the influence of interest groups on US foreign policy, and how reputational insecurity can contribute to the misuse of intelligence.
Outside of work Ben follows many sports; most notably ice hockey and rugby. When not running or climbing, Ben can most often be found deep in the shrubbery of a pub garden.