Protecting British citizens from cyber attacks must be given same priority as fighting terrorism, GCHQ head warns

Jeremy Fleming says hostile states, criminals and terrorists 'quick to spot new ways of doing us harm'

Lizzie Dearden
Home Affairs Correspondent
Monday 09 October 2017 10:59 BST
The WannaCry ransomware attack was one of the biggest cyber incidents to affect the UK
The WannaCry ransomware attack was one of the biggest cyber incidents to affect the UK (EPA)

Protecting British citizens against cyber attacks must be given the same priority as fighting terrorism, the head of GCHQ has warned as online threats continue to rise.

Jeremy Fleming, the former deputy director of MI5, said that as the “technological revolution” spreads benefits like instant connectivity and encrypted communications, hostile states, terrorists and criminals are using the same features for their own ends.

“Protecting the digital homeland – keeping our citizens safe and free online – must become and remain as much part of our mission as our global intelligence reach and our round-the-clock efforts against terrorism,” he wrote in a column for the Telegraph.

“Our adversaries are quick to spot new ways of doing us harm. We see that in the way terrorists are constantly changing their weapons or states are using their full range of tools to steal secrets, gain influence and attack our economy.”

The vast majority of cyber attacks are attributed to criminal groups, although the information they steal may later be sold to other parties.

The Independent revealed that Isis-linked hackers targeted NHS websites earlier this year, while the terrorist group is known to have a cyber division formerly led by British militant Junaid Hussain.

Mr Fleming hailed the work of GCHQ’s National Cyber Security Centre (NCSC), which was set up last year, in preventing attacks and responding to major incidents like WannaCry and attacks on the Westminster and Scottish parliaments.

 Islamist hackers were linked to Isis carried out an attack on a series of NHS websites in a cyber attack exposing serious flaws in security systems meant to protect sensitive information 

He said much of the work done by GCHQ “must remain secret” but his comments were another indication that the agency is moving out of the shadows, broadening its recruitment efforts and trying to engage more with the media and public.

Mr Fleming said extra government funding is being used to “make GCHQ a cyber organisation as well as an intelligence and counter-terrorism one” as it works with fellow intelligence agencies MI5 and MI6, the police and armed forces.

His warning came after the NCSC said it had registered 1,131 incidents in the past year alone, including 590 “significant” cyber attacks and more than 30 that required a cross-Government response.

Ciaran Martin, chief executive of the centre, said the UK “faces threats from across the globe on a daily basis”.

“It’s not a question of ‘if’ cyber attacks will happen, it’s a matter of when,” he added.

“We are proud of what we have achieved in our first 12 months, but there is so much more to do in the years ahead to counter this threat to our values, prosperity and way of life."

The most high-profile episode was the global WannaCry ransomware outbreak that affected dozens of NHS trusts in May, while in June email accounts were targeted in an attack on parliamentary networks.

The NCSC said it also dealt with attacks on businesses and other organisations but was unable to give details.

It has sounded warnings over the potential exploitation of the “internet of things” – Wi-Fi connected everyday objects and gadgets - that can be vulnerable to attack.

Intelligence agencies have also warned that hostile states and parties may use cyber attacks to damage the UK’s democracy, economy, or target critical national infrastructure like power stations and transport.

In June, the head of France’s digital security agency said the world was heading towards a “permanent war” in cyberspace.

Guillaume Poupard, director general of the National Cybersecurity Agency of France (ANSSI) said intensifying attacks were coming from unspecified states, as well as criminal and extremist groups.

“We must work collectively, not just with two or three Western countries, but on a global scale,” he added, saying attacks could aim at espionage, fraud, sabotage or destruction.

“We are getting closer, clearly, to a state of war - a state of war that could be more complicated, probably, than those we've known until now.”

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in