British Spy Chief Says War In Ukraine Is Changing Intelligence Gathering

For a long time cyber attacks were believed to be the command of criminals seeking to steal or extort money, but now it’s become clear that nations are using cyber crime as a part of their offensive military  operations.

Now, nation-state sponsored cyber attacks by professional hacking groups are being widely used by governments, including as Russia and China, to take advantage of their diplomatic adversaries’ digital security weaknesses.

Ransomware, phishing and distributed denial-of-service (DDoS) attacks are just a few of the many weapons that states are now using in geopolitical conflicts that are increasingly playing out in cyberspace rather than on the battlefield.

In particular, the Ukraine conflict has marked a sea-change for the release of secret intelligence, the head of the spy agency GCHQ Sir Jeremy Fleming has said.

Washington and London took the unusual step of publicising their knowledge of Russia's plans ahead of its invasion. The head of US intelligence, Avril Haines, said lessons had been learned including the limits of such moves to publicise intelligence. Displaying an unprecedented degree of transparency, the British GCHQ spy chief, Sir Jeremy Fleming recently interviewed her for BBC Radio 4's Today news programme. As a 30-year veteran of the secret world, Sir Jeremy Fleming said the act of declassifying intelligence was "quite hard in many ways" because a lot of effort went into getting secret intelligence - but there was no point collecting it unless it could be used.

He said he agreed with the sea-change of getting intelligence out there and using it to undermine a narrative, but much of the world had not completely bought into the argument. He also said that Ukraine had seen a new type of conflict in which intelligence was at the forefront. "Keeping the population up-to-date on what we're seeing and involving them in the conversation in a more significant way is crucial," Ms Haines added in her conversation with Sir Jeremy, who is guest-editing the Today programme. As director of national intelligence, Ms Haines co-ordinates all America's spy agencies - and she played a pivotal role in pushing for sensitive intelligence to be declassified and published in the run-up to Russia's February invasion. 

This unusual step was designed to deter Russia and counter its claims it was acting defensively. "We were able to have an impact," Ms Haines said, "at the same times what also is clear… is that our impact was far greater in the West than it was in other places in the world." In Russia, she said the efforts had "basically no impact" because of the control the Kremlin exerted over information flows inside the country. "Authoritarian states have this kind of asymmetric advantage where they're effectively controlling the information to their populations," Ms Haines said. 

She then added that Russia also tried to take advantage of the open information flow in western societies to promote their narratives and exacerbate divisions in society. 

Working out how to understand and counter this foreign influence was a growing area for Western intelligence communities. "The Russians engaged in a very concerted information campaign around the world on these issues... One of their main narratives is the United States is provoking this conflict, and that Nato and Ukraine are setting the conditions and threatening Russia and that sort of forced them into this position." she said

Jeremy Fleming also said that "much of the world" had not completely bought the Western side of the argument. The GCHQ chief said it was important that it was not just government or intelligence agency voices in the debate.  "There are different alliances, which enable us to show and demonstrate that we are more trusted," he said.

Sir Jeremy said the private sector had played an important part in the conflict, including satellite imagery from private providers, or the work of companies like Microsoft in providing cyberdefences for Ukraine. 

Asked if his successor could be the first woman to lead GCHQ, Sir Jeremy said "let's hope so" noting the organisation had not been led by either a woman or someone from an ethnic minority background and that it was time to "show a difference at the top" of intelligence agencies.

BBC:      Gov.UK:      GCHQ:    Raconteur:    Independent:  

You Might Also Read: 

Britain Has Secretly Contributed £6m To Ukraine’s Cyber Defence:
 


If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


« Spying On Mobile Phone Calls
Five Data Security Trends Organisations Must Deal With »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

C3IA Solutions

C3IA Solutions

C3IA Solutions is an NCSC-certified Cyber Consultancy providing assured, tailored advice to keep your information secure and data protected.

SI-CERT

SI-CERT

SI-CERT (Slovenian Computer Emergency Response Team) is the national cyber scurity incident response center for Slovenia.

Appvisory

Appvisory

Appvisory by MediaTest Digital is the leading Mobile Application Management-Software in Europe and enables enterprises to work secure on smartphones and tablets.

ReFirm Labs

ReFirm Labs

ReFirm Labs provides the tools you need for firmware security, vetting, analysis and continuous IoT security monitoring.

Cytellix

Cytellix

Cytellix is an industry-standards-based, managed cybersecurity service provider, specializing in proactive behavioral analytics and situational awareness of an organization’s cyber posture.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Aware

Aware

Aware is the only comprehensive AI solution for governance, risk, compliance and insights for leading collaboration platforms.

Cyber Resilience Centre for Wales (WCRC)

Cyber Resilience Centre for Wales (WCRC)

The Cyber Resilience Centre for Wales (WCRC) is part of the national roll out of Cyber Resilience Centres in the UK which began in 2019.

Custard Technical Services

Custard Technical Services

Custard provide Network Security for all types of businesses across many industries, helping to keep them safe and secure.

CloudScale365

CloudScale365

CloudScale365 offers state-of-the-art managed IT services and cloud, hosting, security, and business continuity solutions.

Match Systems

Match Systems

Match Systems provides blockchain investigations, KYC, KYT, AML, Due Diligence and compliance services.

Global Resilience Federation (GRF)

Global Resilience Federation (GRF)

GRF builds, develops and connects security information sharing communities for mutual defense.

DV Cyber Security

DV Cyber Security

DV Cyber (formerly A76) is an innovative cyber security company vertically focused on Threat Intelligence and Cyber Security Research.

Sunnic

Sunnic

Sunnic is a leading provider of comprehensive digital data security technology.

DarkHorse Security

DarkHorse Security

DarkHorse exists to make it easy and affordable for organizations to be able to identify their cybersecurity vulnerabilities.

Terra Security

Terra Security

Terra Security is the first agentic-AI platform built for web application penetration testing.