British Spy Chief Says War In Ukraine Is Changing Intelligence Gathering

For a long time cyber attacks were believed to be the command of criminals seeking to steal or extort money, but now it’s become clear that nations are using cyber crime as a part of their offensive military  operations.

Now, nation-state sponsored cyber attacks by professional hacking groups are being widely used by governments, including as Russia and China, to take advantage of their diplomatic adversaries’ digital security weaknesses.

Ransomware, phishing and distributed denial-of-service (DDoS) attacks are just a few of the many weapons that states are now using in geopolitical conflicts that are increasingly playing out in cyberspace rather than on the battlefield.

In particular, the Ukraine conflict has marked a sea-change for the release of secret intelligence, the head of the spy agency GCHQ Sir Jeremy Fleming has said.

Washington and London took the unusual step of publicising their knowledge of Russia's plans ahead of its invasion. The head of US intelligence, Avril Haines, said lessons had been learned including the limits of such moves to publicise intelligence. Displaying an unprecedented degree of transparency, the British GCHQ spy chief, Sir Jeremy Fleming recently interviewed her for BBC Radio 4's Today news programme. As a 30-year veteran of the secret world, Sir Jeremy Fleming said the act of declassifying intelligence was "quite hard in many ways" because a lot of effort went into getting secret intelligence - but there was no point collecting it unless it could be used.

He said he agreed with the sea-change of getting intelligence out there and using it to undermine a narrative, but much of the world had not completely bought into the argument. He also said that Ukraine had seen a new type of conflict in which intelligence was at the forefront. "Keeping the population up-to-date on what we're seeing and involving them in the conversation in a more significant way is crucial," Ms Haines added in her conversation with Sir Jeremy, who is guest-editing the Today programme. As director of national intelligence, Ms Haines co-ordinates all America's spy agencies - and she played a pivotal role in pushing for sensitive intelligence to be declassified and published in the run-up to Russia's February invasion. 

This unusual step was designed to deter Russia and counter its claims it was acting defensively. "We were able to have an impact," Ms Haines said, "at the same times what also is clear… is that our impact was far greater in the West than it was in other places in the world." In Russia, she said the efforts had "basically no impact" because of the control the Kremlin exerted over information flows inside the country. "Authoritarian states have this kind of asymmetric advantage where they're effectively controlling the information to their populations," Ms Haines said. 

She then added that Russia also tried to take advantage of the open information flow in western societies to promote their narratives and exacerbate divisions in society. 

Working out how to understand and counter this foreign influence was a growing area for Western intelligence communities. "The Russians engaged in a very concerted information campaign around the world on these issues... One of their main narratives is the United States is provoking this conflict, and that Nato and Ukraine are setting the conditions and threatening Russia and that sort of forced them into this position." she said

Jeremy Fleming also said that "much of the world" had not completely bought the Western side of the argument. The GCHQ chief said it was important that it was not just government or intelligence agency voices in the debate.  "There are different alliances, which enable us to show and demonstrate that we are more trusted," he said.

Sir Jeremy said the private sector had played an important part in the conflict, including satellite imagery from private providers, or the work of companies like Microsoft in providing cyberdefences for Ukraine. 

Asked if his successor could be the first woman to lead GCHQ, Sir Jeremy said "let's hope so" noting the organisation had not been led by either a woman or someone from an ethnic minority background and that it was time to "show a difference at the top" of intelligence agencies.

BBC:      Gov.UK:      GCHQ:    Raconteur:    Independent:  

You Might Also Read: 

Britain Has Secretly Contributed £6m To Ukraine’s Cyber Defence:
 


If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


« Spying On Mobile Phone Calls
Five Data Security Trends Organisations Must Deal With »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

RISA

RISA

RISA solutions help to secure networks, improve overall network security, and achieve government regulatory compliance.

ESET

ESET

ESET provide security software for enterprises and consumers - Antivirus Software, Internet Security and Virus Protection.

Veracode

Veracode

Veracode delivers the most widely used cloud-based platform for securing web, mobile, legacy and third-party enterprise applications.

Original Software

Original Software

Original Software offers a test automation solution focused completely on the goal of effective software quality management.

Ionic Security

Ionic Security

Ionic provide a high-assurance data protection and control platform built on strong encryption, fine-grain control and contextual analytics.

Statice

Statice

Statice develops state-of-the-art data privacy technology that helps companies double-down on data-driven innovation while safeguarding the privacy of individuals.

Dale Peterson

Dale Peterson

Dale Peterson, a leading ICS security and control system IT information expert, provides consulting services to assess and improve the security of SCADA and DCS.

FraudWatch International

FraudWatch International

FraudWatch has been protecting client brands around the world since 2003, and are the leaders in online brand protection from phishing, malware, social media and mobile apps impersonation.

Option3Ventures (O3V)

Option3Ventures (O3V)

Option3Ventures LLC specializes in finding and developing attractive investment opportunities at the frontiers of cybersecurity and immediately adjacent technologies.

Adlumin

Adlumin

Adlumin's cloud-native SIEM is built exclusively for financial institutions to help manage evolving threats and cybersecurity compliance requirements.

Sertainty

Sertainty

Sertainty enables developers to mix intelligence into data files for active risk mitigation and data control. Discover the impact of Data: Empowered.

Cyturus Technologies

Cyturus Technologies

Cyturus Technologies delivers cybersecurity business risk quantification services using our proprietary Adaptive Risk Model (ARM).

PA Consulting

PA Consulting

PA Consulting Group is a consultancy that specialises in strategy, technology and innovation. Our cyber security experts work with you to spot digital and technology security risks and reduce them.

Dutch Institute for Vulnerability Disclosure (DIVD)

Dutch Institute for Vulnerability Disclosure (DIVD)

DIVD's aim is to make the digital world safer by reporting vulnerabilities we find in digital systems to the people who can fix them.

Approov

Approov

Approov provides a comprehensive runtime security solution for mobile apps and their APIs, unified across iOS and Android.

Curatrix Technologies

Curatrix Technologies

Curatrix Technologies is a Managed IT Service provider based in Hampshire, UK, providing high quality and reliable Managed IT Services since 2015.