Attack on government
This risk is featured in the full matrix, representing the averages of multiple different scenarios presented together in the ‘conventional attacks on infrastructure’ category and the ‘cyber attacks on infrastructure category’.
| Impact | 5 |
|
|
|
|
|
|||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 4 |
|
|
|
|
|
||||||||||||||||||||||||||||||||||||||||||||||
| 3 |
|
|
|
|
|
||||||||||||||||||||||||||||||||||||||||||||||
| 2 |
|
|
|
|
|
||||||||||||||||||||||||||||||||||||||||||||||
| 1 |
|
|
|
|
|
||||||||||||||||||||||||||||||||||||||||||||||
| 1 |
2 |
3 |
4 |
5 |
|||||||||||||||||||||||||||||||||||||||||||||||
| Likelihood | |||||||||||||||||||||||||||||||||||||||||||||||||||
| ID | 10 |
|---|---|
| Risk theme | Terrorism |
Impact & Likelihood
| 5 | Catastrophic |
|---|---|
| 4 | Significant |
| 3 | Moderate |
| 2 | Limited |
| 1 | Minor |
| 5 | >25% |
|---|---|
| 4 | 5-25% |
| 3 | 1-5% |
| 2 | 0.2-1% |
| 1 | <0.2% |
Background
In order for the government to function effectively and provide services to citizens of the UK, it is vital that government assets, including property and information, remain secure from external threats. There is a broad community of organisations and teams across government who work to ensure that – by monitoring, detecting, deterring and responding to any attack attempt
Scenario
An attack on government assets or democratic processes (through conventional or cyber-enabled means) could lead to: the loss of important government functions; the disruption of critical government services; impacts on local government services; damage to public trust in the government; interference in elections and democratic processes; and the possibility of reputational damage for the UK overseas. It could also lead to loss or compromise of sensitive information held by the government, or in the case of a conventional attack, injury/loss of life.
Response capability requirements
There is a broad community of organisations and teams across government who work to ensure this – by monitoring, detecting, deterring and responding to any attack attempt. The Government Security Group is responsible for security across government, including the implementation of the Government Cyber Security Strategy. The National Technical Authorities, including the National Cyber Security Centre and the National Protective Security Agency provide expert advice. The emergency services and military are equipped to provide a robust response to any conventional attack. The UK also has established structures (including incident response capabilities) in place to safeguard the integrity and security of UK democratic processes from interference, including cyber threats.
Recovery
The complexity, impact and level of response would determine the recovery timeline. There could be an impact across government and local authorities, requiring the enactment of business continuity plans. Government priorities would change to respond to the attack, which could result in a backlog to other work.