UK’s Offensive Cyber Warfare Ability ‘More Than Doubles’


GCHQ has “over-achieved” in building up its offensive cyber-capabilities, official report finds

The UK has more than doubled the number of offensive cyber-capabilities in recent years, as GCHQ ramps up its ability to hit back at those launching cyber-attacks against this country.

This is one of many findings in an official report from the Intelligence and Security Committee of Parliament (ISC), the cross-party body of nine parliamentarians from the Commons and the Lords, tasked with overseeing the work of British intelligence agencies.

The report, part of it have been redacted, also pointed out that the UK is facing a diverse range of cyber threats including from state actors (Russia, China, Iran, North Korea etc), to organised crime groups and terrorist organisations, as well as individual criminals.

HSBC, security

Oh Those Russians

The report states that these threats involve damage to the economy, individual prosperity or privacy.

But increasingly there is a risk of physical damage in the ‘real world’ as well, as evidenced a few years ago after a German steelworks suffered extensive damage after its network was hacked.

The report cited Russia’s more “brazen approach to its cyber activities, after “the Russian Government aspired to help President-elect Trump’s election chances when possible by discrediting Secretary Clinton,” when it hacked the Democratic National Committee emails.

The report also said “such escalation clearly indicated that Russia was no longer concerned about its activities remaining covert.

“The combination of the high capability of state actors with an increasingly brazen approach places  an ever greater importance on ensuring the security of systems in the UK which control the Critical National Infrastructure,” said the report. “Detecting and countering high-end cyber activity must remain a top priority for the Government.”

Bolstering Cyber Defence

The report that between 2011 and 2016, the Government had allocated £860m to the National Cyber Security Programme, and for the five years from 2016 to 2021, the Government “has in recognition of the threat –  significantly increased funding and allocated £1.9bn for the new National Cyber Security Strategy.

“We have the means to defend the UK against evolving cyber threats, to respond effectively to incidents, to ensure UK networks, data and systems are protected and resilient,” said the report.

“We detect, understand, investigate and disrupt hostile action taken against us, pursuing and prosecuting offenders,” said the report. “We have the means to take offensive action in cyberspace, should we choose to do so.”

Indeed, GCHQ and the government now has in place an ‘Active Cyber Defence’, which involves “taking a proactive approach to the cyber security of the UK.”

The report noted that there has been a significant shift in Government thinking about cyber security over recent years, but retaining and recruiting skilled personnel still remains a challenge.

Offensive Capabilities

The report said that GCHQ now has serious cyber offensive capabilities, and has the ability to attack other country’s communications, weapons systems and even infrastructure.

“This is on a different scale and it is the full spectrum of capabilities from tactical stuff  ***…  right through to what we would say is the high end of counter state offensive cyber capabilities which might never be used but are the sort [of] high-end deterrents, if you like, and everything in between,” said the report.

“GCHQ’s allocation of effort to developing offensive cyber capabilities has increased very substantially between 2014/15 and 2015/16, from ***% to ***%.”

“We actually over-achieved and delivered [almost double the number of] capabilities [we were aiming for ***],” said the report.

One of the thorny issues for British intelligence agencies is working to agreed “rules of engagement”.

It points out the difficulty of “attributing cyber attacks (and even where they can be technically attributed) proving this to an international legal standard without revealing sensitive capabilities or accesses is generally not possible.”

Ever since 2011 the United States has said that it reserves the right to retaliate with military force against a cyber attack from a hostile state.

The report comes just one day after the United States finally joined the UK who had months ago publicly blamed North Korea for the Wannacry attack, which hit the NHS in May 2017.

Do you know all about security in 2017? Try our quiz!