British Spy Agency Was Hacked 20 Years Ago

June 2023 marked the 20th anniversary of the first time cyber experts at GCHQ responded to a foreign state hacking the British government, the spy agency has revealed recently. But even 20 years on the full details of the hack haven’t been disclosed. 

The National Cyber Security Centre (NCSC), a part of GCHQ, said the agency scrambled its cyber experts in 2003 to respond “after a government employee detected suspicious activity on one of their workstations.” 

“A suspected phishing email had been identified, so technical specialists sought help from the Communications-Electronics Security Group (CESG), the information assurance arm of GCHQ at that time,” stated NCSC. 

The CESG analysis discovered malware installed on the government employee’s device that had been designed to steal sensitive data while evading anti-virus software. The NCSC said that the CESG analysis of the malware’s capabilities raised “suspicions about the attack’s intent and set in motion a series of actions that was transformative to cyber incident investigations.”

The agency did not describe how transformative the actions were, but said: “For the first time, GCHQ fused its signals intelligence capabilities with its cyber security function to investigate and identify the actor responsible.”

The analysis concluded that the malware had been developed by a nation-state for the purpose of espionage, although NCSC declined to identify the state and the government department affected. The CESG was rolled into NCSC when it was founded in 2016, alongside a number of other authorities including CERT-UK, and parts of the Centre for Protection of National Infrastructure, which has since become the National Protective Security Authority and an avowed part of MI5.

The NCSC’s director of operations, Paul Chichester commented, “Twenty years ago, we were just crossing the threshold of the cyber attack arena, and this incident marked the first time that GCHQ was involved in a response to an incident affecting the UK Government “It was also the first time that the UK and Europe started to understand the potential online risks we faced and our response transformed how we investigate and defend against such attacks,” he added.

At the time of the 2003 hack, much of the news about cyber security stemmed from worms and viruses that affected consumer products or from hackers intent on crime or mischief, not nation-state cyberattacks. 

“The NCSC and our allies have come such a long way since this incident, and it is reassuring to be at the forefront of efforts to develop tools and techniques to defend against cyber threats and keep our respective nations safe online,” Chichester said.

NCSC FT:    The Record:    The Times:   Guardian:    

You Might Also Read: 

British Spy Chief Says War In Ukraine Is Changing Intelligence Gathering:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 


 

« SCADA Is Dead, Or Is It?
A Million British Medical Patient Records Hacked »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

AppRiver

AppRiver

AppRiver is a global provider of cloud-based email and web security solutions that protect businesses worldwide from today's ever-changing online threats.

DoSarrest Internet Security Ltd

DoSarrest Internet Security Ltd

DOSarrest is a fully managed security firm specializing in cloud based DDoS protection services to a worldwide client base.

Barracuda Networks

Barracuda Networks

Barracuda provides a range of solutions covering network security, data storage, protection and disaster recovery.

Thermo Systems

Thermo Systems

Thermo Systems is a design-build control systems engineering and construction firm. Capabilties include industrial control system cybersecurity.

NetFort

NetFort

NetFort provides software products to monitor activity on virtual and physical networks.

MASS

MASS

MASS provides world-class capabilities in electronic warfare operational support, cyber security, information management, support to military operations and law enforcement.

Digiserve

Digiserve

Digiserve by Telkom Indonesia is an end-to-end managed solutions provider committed to empowering enterprises in Indonesia.

Cyscale

Cyscale

Cyscale is a consultancy and development agency helping Enterprises adopt and migrate to the Cloud by providing an Automated Cloud Security Platform.

ETSI

ETSI

ETSI is a European Standards Organization dealing with telecommunications, broadcasting and other electronic communications networks and services including cybersecurity.

Bessemer Venture Partners (BVP)

Bessemer Venture Partners (BVP)

Bessemer Venture Partners was born from innovations that literally forged modern building and manufacturing. Today, our team of investors works with people who want to create revolutions of their own.

Africa ICS Cyber Security Conference

Africa ICS Cyber Security Conference

Africa's largest ICS Cyber Security Conference and Expo. The only platform that will proudly present top level B2B and B2C networking opportunities.

SHIELD

SHIELD

SHIELD are the world’s leading cybersecurity company specializing in cyber fraud and identity solutions.

ScorpionShield

ScorpionShield

ScorpionShield CyberSecurity is an EC-Council Accredited Training Center, and an On-Demand Service for Cybersecurity professionals.

BlastWave

BlastWave

BlastWave’s BlastShield integrates three innovative products into a single solution to help prevent inadvertent and intentional attacks.

Siren

Siren

Siren provides the leading Investigative Intelligence Platform to some of the world’s leading Law Enforcement, National Security and Cyber threat investigators.

Bit Sentinel

Bit Sentinel

Bit Sentinel is an information security company. We help companies like yours discover, prioritize, and effectively remediate potential cybersecurity risks.