British Spy Agency Was Hacked 20 Years Ago

Uploaded on 2023-07-19 in TECHNOLOGY--Hackers, INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW

June 2023 marked the 20th anniversary of the first time cyber experts at GCHQ responded to a foreign state hacking the British government, the spy agency has revealed recently. But even 20 years on the full details of the hack haven’t been disclosed. 

The National Cyber Security Centre (NCSC), a part of GCHQ, said the agency scrambled its cyber experts in 2003 to respond “after a government employee detected suspicious activity on one of their workstations.” 

“A suspected phishing email had been identified, so technical specialists sought help from the Communications-Electronics Security Group (CESG), the information assurance arm of GCHQ at that time,” stated NCSC. 

The CESG analysis discovered malware installed on the government employee’s device that had been designed to steal sensitive data while evading anti-virus software. The NCSC said that the CESG analysis of the malware’s capabilities raised “suspicions about the attack’s intent and set in motion a series of actions that was transformative to cyber incident investigations.”

The agency did not describe how transformative the actions were, but said: “For the first time, GCHQ fused its signals intelligence capabilities with its cyber security function to investigate and identify the actor responsible.”

The analysis concluded that the malware had been developed by a nation-state for the purpose of espionage, although NCSC declined to identify the state and the government department affected. The CESG was rolled into NCSC when it was founded in 2016, alongside a number of other authorities including CERT-UK, and parts of the Centre for Protection of National Infrastructure, which has since become the National Protective Security Authority and an avowed part of MI5.

The NCSC’s director of operations, Paul Chichester commented, “Twenty years ago, we were just crossing the threshold of the cyber attack arena, and this incident marked the first time that GCHQ was involved in a response to an incident affecting the UK Government “It was also the first time that the UK and Europe started to understand the potential online risks we faced and our response transformed how we investigate and defend against such attacks,” he added.

At the time of the 2003 hack, much of the news about cyber security stemmed from worms and viruses that affected consumer products or from hackers intent on crime or mischief, not nation-state cyberattacks. 

“The NCSC and our allies have come such a long way since this incident, and it is reassuring to be at the forefront of efforts to develop tools and techniques to defend against cyber threats and keep our respective nations safe online,” Chichester said.

NCSC FT:    The Record:    The Times:   Guardian:    

You Might Also Read: 

British Spy Chief Says War In Ukraine Is Changing Intelligence Gathering:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 


 

« SCADA Is Dead, Or Is It?
A Million British Medical Patient Records Hacked »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Fortinet

Fortinet

Fortinet is a provider of network security systems. Our products provide protection against dynamic security threats while simplifying the IT security infrastructure.

Thinklogical

Thinklogical

Thinklogical manufactures secure, KVM, video, audio, and computer peripheral signal switching solutions for defence C4ISR applications.

Beta Systems Software

Beta Systems Software

Beta Systems automate IT-based business processes, control access rights, monitor processes, secure the network and optimize the infrastructure management of corporate IT.

Honeynet Project

Honeynet Project

The Honeynet Project is a leading international non-profit security research organization, dedicated to investigating the latest attacks and developing open source security tools.

Data Protection People

Data Protection People

Data Protection People are specialists in Data Privacy, Governance, and Information Security.

OutThink

OutThink

OutThink is a web-based platform (SaaS) that has been developed specifically to identify and reduce risky workforce behaviours and build a risk aware culture.

SPARTA Consortium

SPARTA Consortium

SPARTA tackles hard innovation challenges, leading the way in building transformative capabilities and forming a world-leading cybersecurity competence network across the EU.

Vilnius Tech Park

Vilnius Tech Park

The region‘s most complex and integrated ICT hub, Vilnius Tech Park aims to attract and unite innovative talent from big data, cyber security, smart solutions, fintech and digital design.

Open Raven

Open Raven

Open Raven is the cloud native data security platform that prevents breaches driven by modern speed and sprawl. Restore full visibility and regain control within minutes, without agents.

Reflectiz

Reflectiz

Reflectiz empowers digital businesses to make all web applications safer by non-intrusively mitigating any website risks without a single line of code.

Valence Security

Valence Security

Valence manages and secures your Business Application Mesh by delivering visibility, reducing unauthorized access and preventing data loss.

European Center for CyberSecurity in Aviation (ECCSA)

European Center for CyberSecurity in Aviation (ECCSA)

ECCSA is a cooperative partnership within the aviation community to better understand emerging cybersecurity risks in aviation and provide collective support in dealing with cybersecurity incidents.

ITSEC Asia

ITSEC Asia

ITSEC Asia works to effectively reduce exposure to information security threats and improve the effectiveness of its clients' information security management systems.

CyberQP

CyberQP

CyberQP (formerly Quickpass Cybersecurity) provide Privileged Access Management built for MSPs. Our system is designed to reduce ransomware and social engineering attack risks.

Zilla Security

Zilla Security

Zilla combines identity governance with cloud security to deliver comprehensive access visibility, reviews, lifecycle management, and policy-based security remediation.

Teleskope

Teleskope

Teleskope are on a mission to empower businesses to protect sensitive data by default.