British Spy Agency Was Hacked 20 Years Ago

Uploaded on 2023-07-19 in TECHNOLOGY--Hackers, INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW

June 2023 marked the 20th anniversary of the first time cyber experts at GCHQ responded to a foreign state hacking the British government, the spy agency has revealed recently. But even 20 years on the full details of the hack haven’t been disclosed. 

The National Cyber Security Centre (NCSC), a part of GCHQ, said the agency scrambled its cyber experts in 2003 to respond “after a government employee detected suspicious activity on one of their workstations.” 

“A suspected phishing email had been identified, so technical specialists sought help from the Communications-Electronics Security Group (CESG), the information assurance arm of GCHQ at that time,” stated NCSC. 

The CESG analysis discovered malware installed on the government employee’s device that had been designed to steal sensitive data while evading anti-virus software. The NCSC said that the CESG analysis of the malware’s capabilities raised “suspicions about the attack’s intent and set in motion a series of actions that was transformative to cyber incident investigations.”

The agency did not describe how transformative the actions were, but said: “For the first time, GCHQ fused its signals intelligence capabilities with its cyber security function to investigate and identify the actor responsible.”

The analysis concluded that the malware had been developed by a nation-state for the purpose of espionage, although NCSC declined to identify the state and the government department affected. The CESG was rolled into NCSC when it was founded in 2016, alongside a number of other authorities including CERT-UK, and parts of the Centre for Protection of National Infrastructure, which has since become the National Protective Security Authority and an avowed part of MI5.

The NCSC’s director of operations, Paul Chichester commented, “Twenty years ago, we were just crossing the threshold of the cyber attack arena, and this incident marked the first time that GCHQ was involved in a response to an incident affecting the UK Government “It was also the first time that the UK and Europe started to understand the potential online risks we faced and our response transformed how we investigate and defend against such attacks,” he added.

At the time of the 2003 hack, much of the news about cyber security stemmed from worms and viruses that affected consumer products or from hackers intent on crime or mischief, not nation-state cyberattacks. 

“The NCSC and our allies have come such a long way since this incident, and it is reassuring to be at the forefront of efforts to develop tools and techniques to defend against cyber threats and keep our respective nations safe online,” Chichester said.

NCSC FT:    The Record:    The Times:   Guardian:    

You Might Also Read: 

British Spy Chief Says War In Ukraine Is Changing Intelligence Gathering:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 


 

« SCADA Is Dead, Or Is It?
A Million British Medical Patient Records Hacked »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Swiss Re

Swiss Re

Swiss Re Group is a leading wholesale provider of reinsurance, insurance and other insurance-based forms of risk transfer including cyber risk.

ANIS

ANIS

ANIS represents the interests of Romanian IT companies and supports the development of the software and services industry.

Cyberteq

Cyberteq

Cyberteq is an innovative Information and Communication Technology Consulting Company, enabling it’s customers to take full advantage of the latest technologies in a secure manner.

e-Lock

e-Lock

e-Lock services include IT security consulting and training, security systems integration, managed security and technical support.

Aiuken Cybersecurity

Aiuken Cybersecurity

Aiuken is an international IT Security company, focused on communications and IT technologies, specialised in Security and Cloud Services solutions with high added value.

Cyber Command - Estonian Defence Forces

Cyber Command - Estonian Defence Forces

The main mission of the Cyber Command is to carry out operations in cyberspace in order to provide command support for Ministry of Defence’s area of responsibility.

iSolutions

iSolutions

iSolutions is an official reseller and engineering company of leading products and solutions for cybersecurity and information protection, optimization, visualization and control of applications

Carve Systems

Carve Systems

Carve Systems was founded to bring enterprise level information security, training, and risk management services to organizations of any size and industry.

Content+Cloud

Content+Cloud

Content+Cloud is a leading technology services business and Managed Services Provider (MSP) with a genuine passion for helping your organisation to succeed, whatever your ambitions.

MailChannels

MailChannels

MailChannels protects companies against malicious email threats. Used by 750+ hosting providers around the world.

Solvo

Solvo

Solvo enables security teams and other stakeholders to automatically uncover, prioritize, mitigate and remediate cloud infrastructure access risks.

AuthMind

AuthMind

Prevent your next identity-related cyberattack with the AuthMind Identity SecOps Platform. It works anywhere and deploys in minutes.

COGITANDA Dataprotect

COGITANDA Dataprotect

COGITANDA are a group of companies focused on dealing with cyber risks, managing them and insuring them.

Cribl

Cribl

Cribl, the Data Engine for IT and Security, empowers organizations to transform their data strategy.

Hubble

Hubble

Hubble grew from the idea that legacy solutions were failing to provide organizations with the asset visibility they needed to effectively secure and operate their businesses.

Exertis Cybersecurity

Exertis Cybersecurity

Exertis Cybersecurity is a sub-division of Exertis Enterprise. We provide market-leading cybersecurity solutions that help to address the cybersecurity challenges that organisations face today.