Cyber Security: GCHQ's Director Speaks Out

Uploaded on 2022-04-09 in INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW

This is an edited version of Britain's Spy Agency GCHQ's Director Sir Jeremy Fleming's speech given to the  Australian National University on 31st March.

‘Now, it’s stating the obvious to point out that the World has changed since my last visit: the pandemic, the profile and dominance of technology and cyber, the role of China, the end of the Afghan campaign and now Putin’s invasion of Ukraine.

‘Any one of these could be viewed as a historic shift. Taken together, they add up to a period of generational upheaval. The economic, societal and geo-political consequences are still playing out – and will do for decades to come. And that’s obviously the case in the world of National Security too. Here, the threats we face and our approaches to their mitigation are changing rapidly.

‘There’s much talk of the need to design a new global security architecture. My contention is that it is already happening. It is already different.

‘The pandemic has made clear that we are interconnected and dependent in ways we hadn’t fully understood. We’ve had to wake up to the reality of what that means for our economies and our security. And we’ve seen how vital technology is to stay connected, to keep our economies going and to change the way that we work…even in the national security community. 

‘Yet it’s also shown how vulnerable our nations are to cyber threats and how quickly our adversaries adapt to take advantage.

‘The lesson, for me, that our cyber security isn’t good enough and we need to invest in making it better. ‘And even though we believe Putin’s advisers are afraid to tell him the truth, what’s going on and the extent of these misjudgements must be crystal clear to the regime. This week, the Russian MOD stated publicly that they will drastically reduce combat operations around Kyiv and a city in the North. It looked like they have been forced to make a significant change.. But then they proceeded to launch attacks in both of those places. Mixed messages or deliberate misinformation - we’ll have to see how it unfolds.

‘I’ll start with the prominence of the information front. Russia wrote the hybrid warfare book. State media, on-line media and agents of influence are all used to obfuscate motivations and justify military actions. We’ve seen them use this playbook in Syria and many other theatres.

'Their aim is to promulgate disinformation. To sow mistrust in the evidence and to amplify false narratives. It’s also to make sure that the real picture of what’s going on doesn’t get exposed inside Russia.

‘And that’s where the most dangerous disinformation war is being waged. We know Putin’s campaign is beset by problems – low morale, logistical failures and high Russian casualty numbers. Their command and control is in chaos. We’ve seen Putin lie to his own people in an attempt to hide military incompetence. And all of that means, he seeks brutal control of the media and access to the Internet, he seeks the closing down of opposition voices, and he’s making heavy investment in their propaganda and covert agencies.

‘But here again, it’s clear that Putin has miscalculated. President Zelensky’s information operation has shown itself to be extremely effective. It’s agile, multi-platform, multi-media and extremely well-tailored to different audiences. 

‘And it’s a message supported by information campaigns all over the World. In the UK, it’s focused in a new Government Information Cell which identifies and counters Kremlin disinformation targeted at UK and international audiences. It brings together expertise from across government to challenge false narratives. It deals in facts, not falsehoods; making sure that the truth is told well. And increasingly, many of those ‘truths’ come from intelligence. It is already a remarkable feature of this conflict just how much intelligence has been so quickly declassified to get ahead of Putin’s actions. 

‘From the warnings of the war. To the intelligence on false flag operations designed to provide a fake premise to the invasion. And more recently, to the Russian plans to falsely claim Ukrainian use of banned chemical weapons.
On this and many other subjects, deeply secret intelligence is being released to make sure the truth is heard. At this pace and scale, it really is unprecedented. In my view, intelligence is only worth collecting if we use it, so I unreservedly welcome this development.

Cyber Operations Against Ukraine

Turning to the cyber dimension of Russia's invasion, Sir Jeremy said his agency never thought a catastrophic cyber attack was central to Moscow's use of cyber in a war. Instead, he said there have been lots of cyber operations against Ukraine.  

"We've certainly seen indicators which suggests Russia's cyber actors are looking for targets in the countries that oppose their actions... Of course, other aspects of this confrontation play out in cyber space. There has been commentary expressing surprise that we haven’t seen the Russians deploy a major cyber-attack as part of their campaign. I think a lot of this misses the point. Whilst some people look for cyber ‘Pearl Harbours’, it was never our understanding that a catastrophic cyber attack was central to Russian’s use of offensive cyber or to their military doctrine. To think otherwise, misjudges how cyber has an effect in military campaigns.

‘That’s not to say that we haven’t seen cyber in this conflict. We have - and lots of it. Through the National Cyber Security Centre, a part of GCHQ, we’ve seen sustained intent from Russia to disrupt Ukrainian government and military systems. We’ve seen what looks like some spill over of activity affecting surrounding countries. And we’ve certainly seen indications which suggests Russia’s cyber actors are looking for targets in the countries that oppose their actions. So just as we pay tribute to the Ukrainian military’s brave actions, we should pay tribute to Ukrainian cyber security too. We and other allies will continue to support them in shoring up their defences. And at home, we are doing all we can to ensure sure that businesses and Government urgently follow through on plans to improve basic levels of cyber resilience. I know your ACSC (Australian Cyber Security Centre) is doing the same here in Australia.

‘Whether we’re building on the lessons from the pandemic, understanding the implications of Russia’s invasion, or grappling with the implications of China’s rise, it’s clear that we must step up. There are many ways for us to do that, but it seems to me that two things are very important.

  • ‘The first is that we have to find new ways to collaborate and cooperate with partners. For those of us in National Security, that’s about ensuring the health of existing relationships.

It’s about securing our alliances, like the Five Eyes, NATO and in this region, ASEAN. And it’s about working with businesses in new and truly collaborative ways.  And to do this we need to make sure that our counteroffer, to states who haven’t yet decided which way they should jump, is persuasive and coherent. Too often it’s not.

  • ‘And the second is that in whatever we do, we must make sure that we stay true to our values, those that have made our systems and democracies so successful and will do so in the future too. 

‘I spoke at the beginning about how against a backdrop of historic shifts, a new global security architecture was emerging. And all of this change will take decades to resolve. But what I can be clear on now is that how we approach these challenges will be as important as what our response is. And all of us in this room today must play our part in following that through. 

GCHQ:     Australian National University:     Sky:      US News:     

You Might Also Read:

The App At The  Frontline Of Information Warfare:

 

« Google’s Emergency Update For Chrome
Bank of Ireland Fined €463,000 Over Data Breaches »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IDnext

IDnext

IDnext is the open and independent platform to support innovative approaches in the world of the Digital identity.

REVI-IT

REVI-IT

REVI-IT is a Danish state-owned audit firm focusing on enterprise IT business processes and compliance,

S2 Grupo

S2 Grupo

S2 Grupo is the benchmark company in Europe and Latin America, for Cyber Intelligence and mission critical systems operations.

Preempt Security

Preempt Security

The Preempt Platform delivers adaptive threat prevention that continuously preempts threats based on identity, behavior and risk.

Redjack

Redjack

Redjack is a cutting-edge network analytics company focused on enterprise and ISP security and intelligence solutions.

ATIS Systems

ATIS Systems

ATIS Systems offers first-class complete solutions for legal interception, mediation, data retention, and IT forensics.

SBD Automotive

SBD Automotive

SBD Automotive are specialists in automotive technology providing independent research and consultancy to help create smarter, more secure, better connected, and increasingly autonomous cars.

AXELOS

AXELOS

AXELOS develops best practice frameworks and methodologies used globally by professionals working primarily in IT management and cyber resilience.

Cryptika

Cryptika

Cryptika is a fully integrated IT security and managed services provider, specialized in Next-Generation Cyber Security Technologies.

Bolt Learning

Bolt Learning

Bolt's Cyber Security eLearning module provides users with an in-depth understanding of cybercrime, how it can occur and what everyone can contribute to preventing it.

Scholarly Networks Security Initiative (SNSI)

Scholarly Networks Security Initiative (SNSI)

SNSI brings together publishers and institutions to solve cyber-challenges threatening the integrity of the scientific record, scholarly systems and the safety of personal data.

Raiven Capital

Raiven Capital

Raiven Capital is a global early-stage technology venture capital fund. We focus on founder-led, driven companies on the leading edge of disruption.

Marlink

Marlink

Marlink smartly integrates hybrid, future-ready network solutions so you can benefit from the best available connectivity and IT to accelerate your digitalisation and empower your remote operations.

Maltego Technologies

Maltego Technologies

Maltego is a comprehensive tool for graphical link analyses that offers real-time data mining and information gathering. Applications include cybersecurity threat intelligence and incident response.

InQuest

InQuest

InQuest specialize in providing comprehensive network-based security solutions that empower organizations to protect their most critical assets: their people.

Black Breach

Black Breach

Black Breach experts protect your organization from cyber threats with military-grade AI-tooled cybersecurity solutions.