UK is nearly ready to launch force to hit hostile countries with cyberattacks

The specialist unit will be dedicated solely to offensive action to combat security threats, extremism, hackers, disinformation and election interference

Kim Sengupta
Defence Correspondent
Friday 10 January 2020 22:27
Comments
The GCHQ headquarters in Cheltenham, nicknamed 'The Doughnut'
The GCHQ headquarters in Cheltenham, nicknamed 'The Doughnut'

Britain is in the final stages of setting up a security force to wage offensive cyberwarfare against terrorist groups, hostile states and organised crime groups that are threats to the country, The Independent has learnt.

The American assassination of Iranian general Qassem Soleimani has added urgency to the progress of the specialist unit, amid risks of a cyber conflict that could affect the UK.

The National Cyber Force (NCF), operated by the Ministry of Defence and GCHQ, will be the first organisation in Britain dedicated solely to offensive action against adversaries abroad.

A government spokesperson said the MoD and GCHQ “have a long and proud history of working together in the national interest and continue to tackle the real threats that the UK faces from a range of hostile actors”.

There is no evidence that the Iranians plan to target the UK in response to the killing carried out by Donald Trump’s administration. But militant groups may decide to carry out strikes autonomously, security sources point out.

It also remains the case that a cyberattack is not necessarily nation-specific. A hit on an American bank at commercial hubs such as the City of London or Frankfurt would have a highly damaging ripple effect.

Around £76m is due to be invested in the force in the first year, with command and control shared between the MoD and the Government Communications Headquarters in Cheltenham. Recruitment is projected to take place from the armed forces and intelligence services, as well as academia and the private sector.

The NCF will operate alongside the National Cyber Security Centre (NCSC), which primarily concentrates on defensive cyber activities to protect government departments, strategic infrastructure and industry.

The need for an organisation such as the NCF has been increasingly recognised in security and military circles – due to the rapid rise of extremist propaganda, allegations of Russian interference in western elections and referendum campaigns, disinformation following the Salisbury poisoning, and attacks on public and private institutions by hacking gangs.

Iran was blamed in 2012 for targeting Wall Street banks with denial-of-service attacks, knocking their websites offline in retaliation against US sanctions. In 2015, Turkey blamed Tehran for cyberattacks that hit its electricity grid, shutting down power for 40 million people. Two years ago, dozens of parliamentary accounts in the UK were breached in attacks linked to Iran. And earlier this year, Tehran was blamed for data hacks of American businesses.

The Iranian government has firmly denied the allegations.

The NCF is expected to expand its activities to crime networks involved in gun and drug smuggling, as well as people trafficking, which often augments the earnings of extremist groups.

Offensive cyber action had been carried out on an ad-hoc basis against Isis in Syria and Iraq. Setting up the NCF has been delayed, say western officials, by distractions caused by uncertainties over Brexit and frequent changes of ministers and secretaries of state in the MoD.

Certain operational details are yet to be finalised, but the plan is set to be given the go-ahead in the near future.

Last year, then-defence secretary Penny Mordaunt spoke of a £22m boost to “create new cyber operations centres’’ but gave no indication that they would be conducting offensive operations.

Her successor, Ben Wallace, is believed to be a strong proponent of the NCF. Speaking to the Nato Parliamentary Assembly in London in October, he warned that responses to “cyber [attacks], disinformation, assassination, corruption” by hostile parties “have not been good enough”. The defence secretary continued: “We are neither nimble enough nor deterring enough and that is where we must aim our investments.”

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in