British Spy Agency Was Hacked 20 Years Ago

June 2023 marked the 20th anniversary of the first time cyber experts at GCHQ responded to a foreign state hacking the British government, the spy agency has revealed recently. But even 20 years on the full details of the hack haven’t been disclosed. 

The National Cyber Security Centre (NCSC), a part of GCHQ, said the agency scrambled its cyber experts in 2003 to respond “after a government employee detected suspicious activity on one of their workstations.” 

“A suspected phishing email had been identified, so technical specialists sought help from the Communications-Electronics Security Group (CESG), the information assurance arm of GCHQ at that time,” stated NCSC. 

The CESG analysis discovered malware installed on the government employee’s device that had been designed to steal sensitive data while evading anti-virus software. The NCSC said that the CESG analysis of the malware’s capabilities raised “suspicions about the attack’s intent and set in motion a series of actions that was transformative to cyber incident investigations.”

The agency did not describe how transformative the actions were, but said: “For the first time, GCHQ fused its signals intelligence capabilities with its cyber security function to investigate and identify the actor responsible.”

The analysis concluded that the malware had been developed by a nation-state for the purpose of espionage, although NCSC declined to identify the state and the government department affected. The CESG was rolled into NCSC when it was founded in 2016, alongside a number of other authorities including CERT-UK, and parts of the Centre for Protection of National Infrastructure, which has since become the National Protective Security Authority and an avowed part of MI5.

The NCSC’s director of operations, Paul Chichester commented, “Twenty years ago, we were just crossing the threshold of the cyber attack arena, and this incident marked the first time that GCHQ was involved in a response to an incident affecting the UK Government “It was also the first time that the UK and Europe started to understand the potential online risks we faced and our response transformed how we investigate and defend against such attacks,” he added.

At the time of the 2003 hack, much of the news about cyber security stemmed from worms and viruses that affected consumer products or from hackers intent on crime or mischief, not nation-state cyberattacks. 

“The NCSC and our allies have come such a long way since this incident, and it is reassuring to be at the forefront of efforts to develop tools and techniques to defend against cyber threats and keep our respective nations safe online,” Chichester said.

NCSC FT:    The Record:    The Times:   Guardian:    

You Might Also Read: 

British Spy Chief Says War In Ukraine Is Changing Intelligence Gathering:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 


 

« SCADA Is Dead, Or Is It?
A Million British Medical Patient Records Hacked »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

High Technology Crime Investigation Association (HTCIA)

High Technology Crime Investigation Association (HTCIA)

HTCIA was formed to provide education and collaboration to our global members for the prevention and investigation of high tech crimes.

ITrust

ITrust

French cybersecurity pure player since 2007. ITrust offers its Cyber expertise services and develops disruptive products in Cyber/Artificial Intelligence.

Compumatica

Compumatica

Compumatica is a leading European ICT security manufacturer for cybersecurity and encryption products. Solutions include network security, SCADA/ICS security, Mobile/BYOD and email encryption.

SecureNinja

SecureNinja

SecureNinja provides professional training, certifications & professional services related to all facets of Information Technology and Cyber Security.

Sliced Tech

Sliced Tech

Sliced Tech provides enterprise grade managed Cloud services, including Security-as-a-Services, aimed at meeting the needs of commercial and government clients from within Australia.

Kuratorium Sicheres Österreich (KSO)

Kuratorium Sicheres Österreich (KSO)

KSO is an independent non-profit association that has set itself the goal of making Austria safer as a national networking and information platform for topics of internal security.

National Authority for Electronic Certification and Cyber Security (AKCESK) - Albania

National Authority for Electronic Certification and Cyber Security (AKCESK) - Albania

AKCESK ensures security for trusted services, in particular reliability and security in electronic transactions between citizens, businesses and public authorities.

Concentric

Concentric

Concentric Data Risk Monitoring and Protection. Deep Learning to discover, monitor and remediate risks to sensitive data on-premises and in the cloud.

Fasken

Fasken

Fasken is one of the largest business law firms in Canada and a recognized leader in privacy and cybersecurity law.

Simplilearn

Simplilearn

Simplilearn is the world's #1 online bootcamp for digital skills training in disciplines such as Cyber Security, Cloud Computing, Project Management, Digital Marketing, and Data Science.

SECUINFRA

SECUINFRA

SECUINFRA has been supporting companies in detecting, analyzing and defending against cyber attacks since 2010.

Xalient

Xalient

Xalient is an IT consulting and managed services business, specialising in modern, software-defined networking, security and communications technologies.

iSPIRAL IT Solutions

iSPIRAL IT Solutions

iSPIRAL is a leading regulatory technology software provider delivering state-of-art AML, KYC, Risk and Compliance solutions.

CatchProbe Intelligence Technologies

CatchProbe Intelligence Technologies

CatchProbe provides actionable web intelligence, OSINT, deception systems, threat intelligence, and digital crime analytics solutions and products through an AI-Driven intelligence platform.

LockMagic

LockMagic

Lockmagic is an information asset management solution to protect, track, audit and control accesses to sensitive information inside and outside your organization.

Blackmere Consulting

Blackmere Consulting

Blackmere Consulting is a Nationwide Technical and Executive Recruiting firm dedicated to Cyber Security and Information Technology.