Cyber Security: GCHQ's Director Speaks Out

Uploaded on 2022-04-09 in INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW

This is an edited version of Britain's Spy Agency GCHQ's Director Sir Jeremy Fleming's speech given to the  Australian National University on 31st March.

‘Now, it’s stating the obvious to point out that the World has changed since my last visit: the pandemic, the profile and dominance of technology and cyber, the role of China, the end of the Afghan campaign and now Putin’s invasion of Ukraine.

‘Any one of these could be viewed as a historic shift. Taken together, they add up to a period of generational upheaval. The economic, societal and geo-political consequences are still playing out – and will do for decades to come. And that’s obviously the case in the world of National Security too. Here, the threats we face and our approaches to their mitigation are changing rapidly.

‘There’s much talk of the need to design a new global security architecture. My contention is that it is already happening. It is already different.

‘The pandemic has made clear that we are interconnected and dependent in ways we hadn’t fully understood. We’ve had to wake up to the reality of what that means for our economies and our security. And we’ve seen how vital technology is to stay connected, to keep our economies going and to change the way that we work…even in the national security community. 

‘Yet it’s also shown how vulnerable our nations are to cyber threats and how quickly our adversaries adapt to take advantage.

‘The lesson, for me, that our cyber security isn’t good enough and we need to invest in making it better. ‘And even though we believe Putin’s advisers are afraid to tell him the truth, what’s going on and the extent of these misjudgements must be crystal clear to the regime. This week, the Russian MOD stated publicly that they will drastically reduce combat operations around Kyiv and a city in the North. It looked like they have been forced to make a significant change.. But then they proceeded to launch attacks in both of those places. Mixed messages or deliberate misinformation - we’ll have to see how it unfolds.

‘I’ll start with the prominence of the information front. Russia wrote the hybrid warfare book. State media, on-line media and agents of influence are all used to obfuscate motivations and justify military actions. We’ve seen them use this playbook in Syria and many other theatres.

'Their aim is to promulgate disinformation. To sow mistrust in the evidence and to amplify false narratives. It’s also to make sure that the real picture of what’s going on doesn’t get exposed inside Russia.

‘And that’s where the most dangerous disinformation war is being waged. We know Putin’s campaign is beset by problems – low morale, logistical failures and high Russian casualty numbers. Their command and control is in chaos. We’ve seen Putin lie to his own people in an attempt to hide military incompetence. And all of that means, he seeks brutal control of the media and access to the Internet, he seeks the closing down of opposition voices, and he’s making heavy investment in their propaganda and covert agencies.

‘But here again, it’s clear that Putin has miscalculated. President Zelensky’s information operation has shown itself to be extremely effective. It’s agile, multi-platform, multi-media and extremely well-tailored to different audiences. 

‘And it’s a message supported by information campaigns all over the World. In the UK, it’s focused in a new Government Information Cell which identifies and counters Kremlin disinformation targeted at UK and international audiences. It brings together expertise from across government to challenge false narratives. It deals in facts, not falsehoods; making sure that the truth is told well. And increasingly, many of those ‘truths’ come from intelligence. It is already a remarkable feature of this conflict just how much intelligence has been so quickly declassified to get ahead of Putin’s actions. 

‘From the warnings of the war. To the intelligence on false flag operations designed to provide a fake premise to the invasion. And more recently, to the Russian plans to falsely claim Ukrainian use of banned chemical weapons.
On this and many other subjects, deeply secret intelligence is being released to make sure the truth is heard. At this pace and scale, it really is unprecedented. In my view, intelligence is only worth collecting if we use it, so I unreservedly welcome this development.

Cyber Operations Against Ukraine

Turning to the cyber dimension of Russia's invasion, Sir Jeremy said his agency never thought a catastrophic cyber attack was central to Moscow's use of cyber in a war. Instead, he said there have been lots of cyber operations against Ukraine.  

"We've certainly seen indicators which suggests Russia's cyber actors are looking for targets in the countries that oppose their actions... Of course, other aspects of this confrontation play out in cyber space. There has been commentary expressing surprise that we haven’t seen the Russians deploy a major cyber-attack as part of their campaign. I think a lot of this misses the point. Whilst some people look for cyber ‘Pearl Harbours’, it was never our understanding that a catastrophic cyber attack was central to Russian’s use of offensive cyber or to their military doctrine. To think otherwise, misjudges how cyber has an effect in military campaigns.

‘That’s not to say that we haven’t seen cyber in this conflict. We have - and lots of it. Through the National Cyber Security Centre, a part of GCHQ, we’ve seen sustained intent from Russia to disrupt Ukrainian government and military systems. We’ve seen what looks like some spill over of activity affecting surrounding countries. And we’ve certainly seen indications which suggests Russia’s cyber actors are looking for targets in the countries that oppose their actions. So just as we pay tribute to the Ukrainian military’s brave actions, we should pay tribute to Ukrainian cyber security too. We and other allies will continue to support them in shoring up their defences. And at home, we are doing all we can to ensure sure that businesses and Government urgently follow through on plans to improve basic levels of cyber resilience. I know your ACSC (Australian Cyber Security Centre) is doing the same here in Australia.

‘Whether we’re building on the lessons from the pandemic, understanding the implications of Russia’s invasion, or grappling with the implications of China’s rise, it’s clear that we must step up. There are many ways for us to do that, but it seems to me that two things are very important.

  • ‘The first is that we have to find new ways to collaborate and cooperate with partners. For those of us in National Security, that’s about ensuring the health of existing relationships.

It’s about securing our alliances, like the Five Eyes, NATO and in this region, ASEAN. And it’s about working with businesses in new and truly collaborative ways.  And to do this we need to make sure that our counteroffer, to states who haven’t yet decided which way they should jump, is persuasive and coherent. Too often it’s not.

  • ‘And the second is that in whatever we do, we must make sure that we stay true to our values, those that have made our systems and democracies so successful and will do so in the future too. 

‘I spoke at the beginning about how against a backdrop of historic shifts, a new global security architecture was emerging. And all of this change will take decades to resolve. But what I can be clear on now is that how we approach these challenges will be as important as what our response is. And all of us in this room today must play our part in following that through. 

GCHQ:     Australian National University:     Sky:      US News:     

You Might Also Read:

The App At The  Frontline Of Information Warfare:

 

« Google’s Emergency Update For Chrome
Bank of Ireland Fined €463,000 Over Data Breaches »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

eScan AV

eScan AV

eScan develops Information Security solutions that provide protection against current and evolving cyber threats.

Masergy Communications

Masergy Communications

Masergy delivers hybrid networking, managed security and cloud communication solutions to enterprises around the globe.

Openminded (OPMD)

Openminded (OPMD)

Openminded is a French security and network services company.

CyberOne

CyberOne

CyberOne (formerly Comtact) offer a full stack cybersecurity service to ensure our customers understand the cyber maturity of their organisation.

PrivateCore

PrivateCore

We protect data-in-use from hackers trying to steal data such as encryption keys, certificates, intellectual property.

Center for Education & Research in Information Assurance & Security (CERIAS)

Center for Education & Research in Information Assurance & Security (CERIAS)

CERIAS is one of the world’s leading centers for research and education in areas of information and cyber security.

Threat Status

Threat Status

Threat Status are a Threat Intelligence company. We are the developers of Trillion. A cloud based Security As A Service (SaaS) platform.

CYBER.ORG

CYBER.ORG

CYBER.ORG's goal is to empower educators as they prepare the next generation to succeed in the cyber workforce of tomorrow.

Nubeva Technologies

Nubeva Technologies

Nubeva provide a breakthrough TLS Decrypt solution with Symmetric Key Intercept to gain the visibility needed to monitor and secure network traffic.

Voxility

Voxility

Voxility provides Infrastructure-as-a-Service in the biggest Internet hubs in the world.

AaDya

AaDya

AaDya provide smart, simple, affordable and effective cybersecurity software solutions for small and medium businesses.

CommandK

CommandK

CommandK provides companies with infrastructure to protect their sensitive data. Built-in solutions to prevent data-leaks and simplify governance.

Silent Push

Silent Push

Silent Push maps all internet-facing infrastructure with searchable, advanced attributes, generating early indicators of potential threats that are tailored to your environment.

WPScan

WPScan

With WPScan, you'll be the first to know about vulnerabilities affecting your WordPress installation, plugins, and themes.

Insurica

Insurica

INSURICA is a full-service insurance agency built upon a tradition of integrity, industry leadership, and excellence.

UltraViolet Cyber

UltraViolet Cyber

UltraViolet is an industry leading tech-enabled managed security services company.