British Spy Agency Was Hacked 20 Years Ago

Uploaded on 2023-07-19 in TECHNOLOGY--Hackers, INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW

June 2023 marked the 20th anniversary of the first time cyber experts at GCHQ responded to a foreign state hacking the British government, the spy agency has revealed recently. But even 20 years on the full details of the hack haven’t been disclosed. 

The National Cyber Security Centre (NCSC), a part of GCHQ, said the agency scrambled its cyber experts in 2003 to respond “after a government employee detected suspicious activity on one of their workstations.” 

“A suspected phishing email had been identified, so technical specialists sought help from the Communications-Electronics Security Group (CESG), the information assurance arm of GCHQ at that time,” stated NCSC. 

The CESG analysis discovered malware installed on the government employee’s device that had been designed to steal sensitive data while evading anti-virus software. The NCSC said that the CESG analysis of the malware’s capabilities raised “suspicions about the attack’s intent and set in motion a series of actions that was transformative to cyber incident investigations.”

The agency did not describe how transformative the actions were, but said: “For the first time, GCHQ fused its signals intelligence capabilities with its cyber security function to investigate and identify the actor responsible.”

The analysis concluded that the malware had been developed by a nation-state for the purpose of espionage, although NCSC declined to identify the state and the government department affected. The CESG was rolled into NCSC when it was founded in 2016, alongside a number of other authorities including CERT-UK, and parts of the Centre for Protection of National Infrastructure, which has since become the National Protective Security Authority and an avowed part of MI5.

The NCSC’s director of operations, Paul Chichester commented, “Twenty years ago, we were just crossing the threshold of the cyber attack arena, and this incident marked the first time that GCHQ was involved in a response to an incident affecting the UK Government “It was also the first time that the UK and Europe started to understand the potential online risks we faced and our response transformed how we investigate and defend against such attacks,” he added.

At the time of the 2003 hack, much of the news about cyber security stemmed from worms and viruses that affected consumer products or from hackers intent on crime or mischief, not nation-state cyberattacks. 

“The NCSC and our allies have come such a long way since this incident, and it is reassuring to be at the forefront of efforts to develop tools and techniques to defend against cyber threats and keep our respective nations safe online,” Chichester said.

NCSC FT:    The Record:    The Times:   Guardian:    

You Might Also Read: 

British Spy Chief Says War In Ukraine Is Changing Intelligence Gathering:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 


 

« SCADA Is Dead, Or Is It?
A Million British Medical Patient Records Hacked »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Veracode

Veracode

Veracode delivers the most widely used cloud-based platform for securing web, mobile, legacy and third-party enterprise applications.

Detectify

Detectify

Detectify is a web security service that simulates automated hacker attacks on your website, detecting critical security issues before real hackers do.

tietoEVRY

tietoEVRY

TietoEVRY creates digital advantage for businesses and society. We are a leading digital services and software company with local presence and global capabilities.

Mission Secure (MSi)

Mission Secure (MSi)

MSi is a specialized provider of next generation cyber defense solutions protecting control systems and critical physical assets in energy, transportation and defense.

G Data CyberDefense

G Data CyberDefense

G DATA developed the world's first antivirus software, and we have remained pioneers in innovation for IT security ever since.

Approach

Approach

Approach is a leading provider of cyber security consulting and secure application development services in Belgium.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Barikat Cyber Security

Barikat Cyber Security

Barikat is a provider of information security solution and services including security analysis and compliance, security testing, managed security services, incident response and training.

BlackDice Cyber

BlackDice Cyber

Threat Intelligence is only part of the solution. Our solution matches threats to vulnerabilities and automatically takes remedial action against compromised apps, devices and websites.

Guernsey

Guernsey

Guernsey provides a wide range of engineering, architecture and consulting services to multiple markets, including cybersecurity consulting and CMMC certification.

Opus Security

Opus Security

Opus dramatically reduces cloud security risks by enabling teams to define, orchestrate, automate and measure remediation processes across the entire distributed organization.

Cerby

Cerby

Your team uses unmanageable applications that put you, your company, and your data at risk. Protect, secure, and accelerate your business automatically with Cerby.

CyberMaxx

CyberMaxx

At CyberMaxx, our approach to cybersecurity provides end-to-end coverage for our customers – we use offense to fuel defense.

Insurica

Insurica

INSURICA is a full-service insurance agency built upon a tradition of integrity, industry leadership, and excellence.

Hive

Hive

Hive is a leading provider of cloud-based AI solutions to understand, search, and generate content, and is trusted by hundreds of the world's largest and most innovative organizations.

Fairly AI

Fairly AI

Fairly AI is on a mission to democratize safe, secure, and compliant AI across the enterprise.