Cyber Security: GCHQ's Director Speaks Out

Uploaded on 2022-04-09 in INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW

This is an edited version of Britain's Spy Agency GCHQ's Director Sir Jeremy Fleming's speech given to the  Australian National University on 31st March.

‘Now, it’s stating the obvious to point out that the World has changed since my last visit: the pandemic, the profile and dominance of technology and cyber, the role of China, the end of the Afghan campaign and now Putin’s invasion of Ukraine.

‘Any one of these could be viewed as a historic shift. Taken together, they add up to a period of generational upheaval. The economic, societal and geo-political consequences are still playing out – and will do for decades to come. And that’s obviously the case in the world of National Security too. Here, the threats we face and our approaches to their mitigation are changing rapidly.

‘There’s much talk of the need to design a new global security architecture. My contention is that it is already happening. It is already different.

‘The pandemic has made clear that we are interconnected and dependent in ways we hadn’t fully understood. We’ve had to wake up to the reality of what that means for our economies and our security. And we’ve seen how vital technology is to stay connected, to keep our economies going and to change the way that we work…even in the national security community. 

‘Yet it’s also shown how vulnerable our nations are to cyber threats and how quickly our adversaries adapt to take advantage.

‘The lesson, for me, that our cyber security isn’t good enough and we need to invest in making it better. ‘And even though we believe Putin’s advisers are afraid to tell him the truth, what’s going on and the extent of these misjudgements must be crystal clear to the regime. This week, the Russian MOD stated publicly that they will drastically reduce combat operations around Kyiv and a city in the North. It looked like they have been forced to make a significant change.. But then they proceeded to launch attacks in both of those places. Mixed messages or deliberate misinformation - we’ll have to see how it unfolds.

‘I’ll start with the prominence of the information front. Russia wrote the hybrid warfare book. State media, on-line media and agents of influence are all used to obfuscate motivations and justify military actions. We’ve seen them use this playbook in Syria and many other theatres.

'Their aim is to promulgate disinformation. To sow mistrust in the evidence and to amplify false narratives. It’s also to make sure that the real picture of what’s going on doesn’t get exposed inside Russia.

‘And that’s where the most dangerous disinformation war is being waged. We know Putin’s campaign is beset by problems – low morale, logistical failures and high Russian casualty numbers. Their command and control is in chaos. We’ve seen Putin lie to his own people in an attempt to hide military incompetence. And all of that means, he seeks brutal control of the media and access to the Internet, he seeks the closing down of opposition voices, and he’s making heavy investment in their propaganda and covert agencies.

‘But here again, it’s clear that Putin has miscalculated. President Zelensky’s information operation has shown itself to be extremely effective. It’s agile, multi-platform, multi-media and extremely well-tailored to different audiences. 

‘And it’s a message supported by information campaigns all over the World. In the UK, it’s focused in a new Government Information Cell which identifies and counters Kremlin disinformation targeted at UK and international audiences. It brings together expertise from across government to challenge false narratives. It deals in facts, not falsehoods; making sure that the truth is told well. And increasingly, many of those ‘truths’ come from intelligence. It is already a remarkable feature of this conflict just how much intelligence has been so quickly declassified to get ahead of Putin’s actions. 

‘From the warnings of the war. To the intelligence on false flag operations designed to provide a fake premise to the invasion. And more recently, to the Russian plans to falsely claim Ukrainian use of banned chemical weapons.
On this and many other subjects, deeply secret intelligence is being released to make sure the truth is heard. At this pace and scale, it really is unprecedented. In my view, intelligence is only worth collecting if we use it, so I unreservedly welcome this development.

Cyber Operations Against Ukraine

Turning to the cyber dimension of Russia's invasion, Sir Jeremy said his agency never thought a catastrophic cyber attack was central to Moscow's use of cyber in a war. Instead, he said there have been lots of cyber operations against Ukraine.  

"We've certainly seen indicators which suggests Russia's cyber actors are looking for targets in the countries that oppose their actions... Of course, other aspects of this confrontation play out in cyber space. There has been commentary expressing surprise that we haven’t seen the Russians deploy a major cyber-attack as part of their campaign. I think a lot of this misses the point. Whilst some people look for cyber ‘Pearl Harbours’, it was never our understanding that a catastrophic cyber attack was central to Russian’s use of offensive cyber or to their military doctrine. To think otherwise, misjudges how cyber has an effect in military campaigns.

‘That’s not to say that we haven’t seen cyber in this conflict. We have - and lots of it. Through the National Cyber Security Centre, a part of GCHQ, we’ve seen sustained intent from Russia to disrupt Ukrainian government and military systems. We’ve seen what looks like some spill over of activity affecting surrounding countries. And we’ve certainly seen indications which suggests Russia’s cyber actors are looking for targets in the countries that oppose their actions. So just as we pay tribute to the Ukrainian military’s brave actions, we should pay tribute to Ukrainian cyber security too. We and other allies will continue to support them in shoring up their defences. And at home, we are doing all we can to ensure sure that businesses and Government urgently follow through on plans to improve basic levels of cyber resilience. I know your ACSC (Australian Cyber Security Centre) is doing the same here in Australia.

‘Whether we’re building on the lessons from the pandemic, understanding the implications of Russia’s invasion, or grappling with the implications of China’s rise, it’s clear that we must step up. There are many ways for us to do that, but it seems to me that two things are very important.

  • ‘The first is that we have to find new ways to collaborate and cooperate with partners. For those of us in National Security, that’s about ensuring the health of existing relationships.

It’s about securing our alliances, like the Five Eyes, NATO and in this region, ASEAN. And it’s about working with businesses in new and truly collaborative ways.  And to do this we need to make sure that our counteroffer, to states who haven’t yet decided which way they should jump, is persuasive and coherent. Too often it’s not.

  • ‘And the second is that in whatever we do, we must make sure that we stay true to our values, those that have made our systems and democracies so successful and will do so in the future too. 

‘I spoke at the beginning about how against a backdrop of historic shifts, a new global security architecture was emerging. And all of this change will take decades to resolve. But what I can be clear on now is that how we approach these challenges will be as important as what our response is. And all of us in this room today must play our part in following that through. 

GCHQ:     Australian National University:     Sky:      US News:     

You Might Also Read:

The App At The  Frontline Of Information Warfare:

 

« Google’s Emergency Update For Chrome
Bank of Ireland Fined €463,000 Over Data Breaches »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Proact IT Group

Proact IT Group

Proact is Europe's leading independent data centre and Cloud services enabler. We deliver flexible, accessible and secure IT solutions and services.

CTM360

CTM360

CTM360 is a unified external security platform offering 24x7x365 Cyber Threat Management for detecting and responding to cyber threats.

DigitalXRaid

DigitalXRaid

DigitalXRAID is driven and motivated to ensure the bad guys don’t win. We’re dedicated to providing our clients with state-of-the-art cyber security solutions.

Nemko

Nemko

Nemko offers testing, inspection, and certification services worldwide, mainly concerning products and systems, but also for machinery, installations, and personnel.

Casque SNR

Casque SNR

CASQUE SNR is the next generation of Identity Assurance that has potential to supersede existing solutions. It provides Identity Assurance for both people and things.

Cryptoloc

Cryptoloc

Cryptoloc's core business is developing solutions designed to protect businesses from all kinds of security threats using a unique patented cryptography.

NINJIO

NINJIO

NINJIO is a leader in cybersecurity awareness training. View IT Security Awareness through a different lens - entertain and educate your users through storytelling.

Intrinium

Intrinium

Intrinium is an Information Technology and Security Solutions company, providing comprehensive consulting and managed services to businesses of all sizes.

SecurityGate

SecurityGate

SecurityGate.io is the only Integrated Risk Management platform built for OT/ICS cybersecurity. The leading Risk Assessment Platform for Critical Infrastructure.

Everbridge

Everbridge

Everbridge provides enterprise software applications that automate and accelerate organizations’ operational response to critical events in order to keep people safe and businesses running.

Bugbank

Bugbank

Bugbank (aka Vulnerability Bank) is a leading SaaS platform for internet security services in China.

Factmata

Factmata

Factmata is an social and news media monitoring and analytics product that uses AI to identify and track narratives online, highlighting those most likely to cause brand harm or misinform the public.

TheHive Project

TheHive Project

TheHive Project is a Scalable, Open Source and Free Security Incident Response Platform for SOC, CSIRT and CERT teams.

Cynch Security

Cynch Security

Cynch Security are passionate about building a world where every business is resilient to cybersecurity risks, no matter what their size.

CyberUpgrade

CyberUpgrade

CyberUpgrade is on a mission to empower executives to gain control over their organization’s cybersecurity.

Security Mind

Security Mind

Security Mind is an innovative Cyber Security Awareness program that aims to increase the awareness of each member of the organization and develop the ability to recognize potential cyber threats.