Cabinet ministers' email accounts have been targeted by Isis hackers thought to include a British jihadist killed in a US air strike last month.
Whitehall officials were alerted by GCHQ in May to attempts to steal information from the personal correspondence of senior figures such as Home Secretary Theresa May, The Telegraph said.
It reported that it remained unclear what material had been accessed but it was not considered a security breach and the investigation by the UK's listening post had exposed plans to attack the UK.
Prime Minister David Cameron said the direct threat of a deadly outrage justified the decision to authorise last month's unprecedented lethal RAF drone strike in Syria against a British IS fighter - Reyaad Khan.
He told MPs Khan and fellow Brit Junaid Hussain - killed by a US drone on August 24 - were planning “barbaric attacks against the West”, including terror plots targeting “high-profile public commemorations” this summer.
Computer hacker Hussain was jailed for six months in June 2012 after he admitted making prank calls to a counter-terror hotline and publishing former prime minister Tony Blair's address book.
He is understood to have been leading the extremist group's hacking operation and to have been behind a jihadist computer group calling itself the Cyber-Caliphate, which briefly took control of a Pentagon-owned Twitter account in January.
The 21-year-old from Birmingham is believed to have fled Britain to travel to Syria in 2013, and in June this year he was linked to a plot to attack an Armed Forces Day parade in south London.
The plan to explode a pressure cooker bomb - killing soldiers and bystanders on the route - was reportedly foiled after Hussain unwittingly recruited an undercover investigator from The Sun to carry it out.
Security procedures were tightened and passwords changed in the wake of the discovery, The Telegraph said.
A GCHQ spokesman said: “We don't comment on intelligence matters.”