Cyber Security: GCHQ's Director Speaks Out

This is an edited version of Britain's Spy Agency GCHQ's Director Sir Jeremy Fleming's speech given to the  Australian National University on 31st March.

‘Now, it’s stating the obvious to point out that the World has changed since my last visit: the pandemic, the profile and dominance of technology and cyber, the role of China, the end of the Afghan campaign and now Putin’s invasion of Ukraine.

‘Any one of these could be viewed as a historic shift. Taken together, they add up to a period of generational upheaval. The economic, societal and geo-political consequences are still playing out – and will do for decades to come. And that’s obviously the case in the world of National Security too. Here, the threats we face and our approaches to their mitigation are changing rapidly.

‘There’s much talk of the need to design a new global security architecture. My contention is that it is already happening. It is already different.

‘The pandemic has made clear that we are interconnected and dependent in ways we hadn’t fully understood. We’ve had to wake up to the reality of what that means for our economies and our security. And we’ve seen how vital technology is to stay connected, to keep our economies going and to change the way that we work…even in the national security community. 

‘Yet it’s also shown how vulnerable our nations are to cyber threats and how quickly our adversaries adapt to take advantage.

‘The lesson, for me, that our cyber security isn’t good enough and we need to invest in making it better. ‘And even though we believe Putin’s advisers are afraid to tell him the truth, what’s going on and the extent of these misjudgements must be crystal clear to the regime. This week, the Russian MOD stated publicly that they will drastically reduce combat operations around Kyiv and a city in the North. It looked like they have been forced to make a significant change.. But then they proceeded to launch attacks in both of those places. Mixed messages or deliberate misinformation - we’ll have to see how it unfolds.

‘I’ll start with the prominence of the information front. Russia wrote the hybrid warfare book. State media, on-line media and agents of influence are all used to obfuscate motivations and justify military actions. We’ve seen them use this playbook in Syria and many other theatres.

'Their aim is to promulgate disinformation. To sow mistrust in the evidence and to amplify false narratives. It’s also to make sure that the real picture of what’s going on doesn’t get exposed inside Russia.

‘And that’s where the most dangerous disinformation war is being waged. We know Putin’s campaign is beset by problems – low morale, logistical failures and high Russian casualty numbers. Their command and control is in chaos. We’ve seen Putin lie to his own people in an attempt to hide military incompetence. And all of that means, he seeks brutal control of the media and access to the Internet, he seeks the closing down of opposition voices, and he’s making heavy investment in their propaganda and covert agencies.

‘But here again, it’s clear that Putin has miscalculated. President Zelensky’s information operation has shown itself to be extremely effective. It’s agile, multi-platform, multi-media and extremely well-tailored to different audiences. 

‘And it’s a message supported by information campaigns all over the World. In the UK, it’s focused in a new Government Information Cell which identifies and counters Kremlin disinformation targeted at UK and international audiences. It brings together expertise from across government to challenge false narratives. It deals in facts, not falsehoods; making sure that the truth is told well. And increasingly, many of those ‘truths’ come from intelligence. It is already a remarkable feature of this conflict just how much intelligence has been so quickly declassified to get ahead of Putin’s actions. 

‘From the warnings of the war. To the intelligence on false flag operations designed to provide a fake premise to the invasion. And more recently, to the Russian plans to falsely claim Ukrainian use of banned chemical weapons.
On this and many other subjects, deeply secret intelligence is being released to make sure the truth is heard. At this pace and scale, it really is unprecedented. In my view, intelligence is only worth collecting if we use it, so I unreservedly welcome this development.

Cyber Operations Against Ukraine

Turning to the cyber dimension of Russia's invasion, Sir Jeremy said his agency never thought a catastrophic cyber attack was central to Moscow's use of cyber in a war. Instead, he said there have been lots of cyber operations against Ukraine.  

"We've certainly seen indicators which suggests Russia's cyber actors are looking for targets in the countries that oppose their actions... Of course, other aspects of this confrontation play out in cyber space. There has been commentary expressing surprise that we haven’t seen the Russians deploy a major cyber-attack as part of their campaign. I think a lot of this misses the point. Whilst some people look for cyber ‘Pearl Harbours’, it was never our understanding that a catastrophic cyber attack was central to Russian’s use of offensive cyber or to their military doctrine. To think otherwise, misjudges how cyber has an effect in military campaigns.

‘That’s not to say that we haven’t seen cyber in this conflict. We have - and lots of it. Through the National Cyber Security Centre, a part of GCHQ, we’ve seen sustained intent from Russia to disrupt Ukrainian government and military systems. We’ve seen what looks like some spill over of activity affecting surrounding countries. And we’ve certainly seen indications which suggests Russia’s cyber actors are looking for targets in the countries that oppose their actions. So just as we pay tribute to the Ukrainian military’s brave actions, we should pay tribute to Ukrainian cyber security too. We and other allies will continue to support them in shoring up their defences. And at home, we are doing all we can to ensure sure that businesses and Government urgently follow through on plans to improve basic levels of cyber resilience. I know your ACSC (Australian Cyber Security Centre) is doing the same here in Australia.

‘Whether we’re building on the lessons from the pandemic, understanding the implications of Russia’s invasion, or grappling with the implications of China’s rise, it’s clear that we must step up. There are many ways for us to do that, but it seems to me that two things are very important.

  • ‘The first is that we have to find new ways to collaborate and cooperate with partners. For those of us in National Security, that’s about ensuring the health of existing relationships.

It’s about securing our alliances, like the Five Eyes, NATO and in this region, ASEAN. And it’s about working with businesses in new and truly collaborative ways.  And to do this we need to make sure that our counteroffer, to states who haven’t yet decided which way they should jump, is persuasive and coherent. Too often it’s not.

  • ‘And the second is that in whatever we do, we must make sure that we stay true to our values, those that have made our systems and democracies so successful and will do so in the future too. 

‘I spoke at the beginning about how against a backdrop of historic shifts, a new global security architecture was emerging. And all of this change will take decades to resolve. But what I can be clear on now is that how we approach these challenges will be as important as what our response is. And all of us in this room today must play our part in following that through. 

GCHQ:     Australian National University:     Sky:      US News:     

You Might Also Read:

The App At The  Frontline Of Information Warfare:

 

« Google’s Emergency Update For Chrome
Bank of Ireland Fined €463,000 Over Data Breaches »

Quartz Conference
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

UNISOL International

UNISOL International

UNISOL International is a value-added Wholesale Distributor of IP Technology Solutions for the Electronic Security and Telecommunications Industries.

Globalscape

Globalscape

Globalscape is a leader in secure data exchange solutions.

WebARX

WebARX

WebARX is a web application security platform, which allows digital agencies and developers to monitor, protect and maintain their websites.

Computer & Communications Industry Association (CCIA)

Computer & Communications Industry Association (CCIA)

CCIA supports efforts to facilitate and streamline information sharing on cyber threats between the private sector and the Federal Government.

Yelbridges

Yelbridges

Yelbridges is your reliable partner in all fields of IT-Security, from developing of Security Policies and Guidelines to the design and implementation of secure processes.

S2S Group

S2S Group

S2S Group specialise in the destruction and management of IT assets at the end of the lifecycle.

Risk Based Security (RBS)

Risk Based Security (RBS)

Risk Based Security provide the most comprehensive and timely vulnerability intelligence, breach data and risk ratings.

BotGuard

BotGuard

BotGuard provides a service to protect your website from malicious bots, crawlers, scrapers, and hacker attacks.

Cutting Edge Technologies (CE Tech)

Cutting Edge Technologies (CE Tech)

CE Tech is a Next Generation Technology Partner providing advanced technology infrastructure solutions through partnerships with leading technology providers.

Industrial Defender

Industrial Defender

Committed to ICS Cybersecurity. Industrial Defender provides a fully automated solution to discover, track and report on assets across your ICS footprint.

Hunter Strategy

Hunter Strategy

Hunter Strategy focuses on delivering solutions that are concise, scalable, and target our customer’s complex technical challenges.

BitTrap

BitTrap

BitTrap helps companies worldwide detect attackers and put an early end to breaches, preventing data exfiltration and ransomware altogether.

Twingate

Twingate

Twingate help organizations secure and manage access to their technology resources in a world where people work from anywhere.

Contextual Security Solutions

Contextual Security Solutions

Contextual Security Solutions is a leading provider of penetration testing services and IT security & compliance audits.

SecurityGen

SecurityGen

SecurityGen is a global cybersecurity start-up focused on telecom security, with a focus on 5G networks.

Aceiss

Aceiss

Aceiss empowers access security, providing unprecedented visibility and insights into user access.