UK Launches Cyber Attack On Islamic State

The UK has conducted a "major offensive cyber-campaign" against the Islamic State group, the director of the intelligence agency GCHQ has revealed.

The operation hindered the group's ability to co-ordinate attacks and suppressed its propaganda, former MI5 agent Jeremy Fleming said.

It is the first time the UK has systematically degraded an adversary's online efforts in a military campaign.

Mr Fleming made the remarks in his first public speech as GCHQ director. "The outcomes of these operations are wide-ranging," he told the Cyber UK conference in Manchester.

"In 2017 there were times when Daesh [an alternative name for Islamic State] found it almost impossible to spread their hate online, to use their normal channels to spread their rhetoric, or trust their publications."

Mr Fleming said much of the cyber-operation was "too sensitive to talk about", but had disrupted the group's online activities and even destroyed equipment and networks. "This campaign shows how targeted and effective offensive cyber can be," he added.

But Mr Fleming said the fight against IS was not over, because the group continued to "seek to carry out or inspire further attacks in the UK" and find new "ungoverned spaces to base their operations".

'Blurring boundaries'

Mr Fleming also criticised Russia over what he called "unacceptable cyber-behaviour" that was a "growing threat" to the UK and its allies.

He recalled the NotPetya ransomware attack on Ukraine last year, which eventually spread across the world. The UK and US later said the Russian military were behind the attack, a claim that Moscow denied.

"They're not playing to the same rules," Mr Fleming said. "They're blurring the boundaries between criminal and state activity."

He said the use of a nerve agent on Sergei and Yulia Skripal in Salisbury was "stark and shocking", and demonstrated "how reckless Russia is prepared to be".

The UK has said Moscow was "culpable" for the attack, but Russia denies any involvement.

"The robust response from the UK and from the international community shows the Kremlin that illegal acts have consequences. And it looks like our expertise on Russia will be in increasing demand," he said.

Following the speech, the chief executive of the National Cyber Security Centre, Ciaran Martin, told the BBC the Notpetya case was also an example of the Russian recklessness mentioned by Mr Fleming.

Asked if the disclosures about offensive cyber-actions were a veiled warning to Russia, Mr Martin said sometimes the best form of defence is defence.

Mr Fleming went on to describe some of GCHQ's other goals, which include tracking down people who use the dark web to distribute child sex abuse images.

Cyber has created a new landscape for attackers and defenders, he said, and the challenges were "vast" but were being met by a strong and lawful GCHQ.

On Wednesday 11th April, Mr Fleming announced new GCHQ base is to open in Manchester hoping to draw "tech savvy recruits".

BBC

You Kight Also Read: 

Islamic State Likely To Switch To Cyber Warfare:

« Cyber Attacks Focus On Healthcare
Vigilante Hackers Attack Nation States »

Directory of Suppliers

Entrust People

Entrust People

Entrust People is a recruitment agency specialising in Life Sciences and IT.

Global Knowledge Training

Global Knowledge Training

Global Knowledge is a worldwide leader in IT and business training, featuring Cisco, Microsoft, VMware, IBM, security, cloud computing, and project management.

USNA Center for Cyber Security Studies

USNA Center for Cyber Security Studies

The mission of the Center for Cyber Security Studies is to enhance the education of midshipmen in all areas of cyber warfare.

Arista Networks

Arista Networks

Arista Networks was founded to deliver software defined cloud networking solutions for large data centre and computing environments.

PaloAlto Networks

PaloAlto Networks

PaloAlto Networks security platform protect thousands of enterprise, government, and service provider networks from cyber threats.

MePIN

MePIN

MePIN is an online user authentication and transaction authorization solution.

CHG-MERIDIAN

CHG-MERIDIAN

CHG-MERIDIAN is one of the world's leading technology management service providers in the IT, telecommunication, industry and healthcare sectors.

NCE Computer Group (Europe) Ltd

NCE Computer Group (Europe) Ltd

NCE specialise in the design, delivery and support of enterprise level IT services and solutions including network security and data recovery services.

PhishMe

PhishMe

PhishMe provides phishing threat management for organizations concerned about human susceptibility and response to advanced targeted attacks.

CyberSponse

CyberSponse

CyberSponse is a leading provider of automated incident response solutions for cyber security threat management.

Backup112

Backup112

Backup112 has been delivering professional cloud backup services since 2004.

NTP Software

NTP Software

NTP Software is a worldwide leader in the management and control of unstructured file data.

Rogue Wave Software

Rogue Wave Software

At Rogue Wave, our mission is to simplify your hardest problems, improve software quality and security, and shorten the time it takes to deliver value.

SourceClear

SourceClear

SourceClear gives security teams visibility into the vulnerabilities in the open-source code and allows them to define and control organizational security policies.

J2 Software

J2 Software

J2 Software is a leading African Information Security and ICT business providing information security, governance, risk and compliance solutions.