Cyber Security: GCHQ's Director Speaks Out

This is an edited version of Britain's Spy Agency GCHQ's Director Sir Jeremy Fleming's speech given to the  Australian National University on 31st March.

‘Now, it’s stating the obvious to point out that the World has changed since my last visit: the pandemic, the profile and dominance of technology and cyber, the role of China, the end of the Afghan campaign and now Putin’s invasion of Ukraine.

‘Any one of these could be viewed as a historic shift. Taken together, they add up to a period of generational upheaval. The economic, societal and geo-political consequences are still playing out – and will do for decades to come. And that’s obviously the case in the world of National Security too. Here, the threats we face and our approaches to their mitigation are changing rapidly.

‘There’s much talk of the need to design a new global security architecture. My contention is that it is already happening. It is already different.

‘The pandemic has made clear that we are interconnected and dependent in ways we hadn’t fully understood. We’ve had to wake up to the reality of what that means for our economies and our security. And we’ve seen how vital technology is to stay connected, to keep our economies going and to change the way that we work…even in the national security community. 

‘Yet it’s also shown how vulnerable our nations are to cyber threats and how quickly our adversaries adapt to take advantage.

‘The lesson, for me, that our cyber security isn’t good enough and we need to invest in making it better. ‘And even though we believe Putin’s advisers are afraid to tell him the truth, what’s going on and the extent of these misjudgements must be crystal clear to the regime. This week, the Russian MOD stated publicly that they will drastically reduce combat operations around Kyiv and a city in the North. It looked like they have been forced to make a significant change.. But then they proceeded to launch attacks in both of those places. Mixed messages or deliberate misinformation - we’ll have to see how it unfolds.

‘I’ll start with the prominence of the information front. Russia wrote the hybrid warfare book. State media, on-line media and agents of influence are all used to obfuscate motivations and justify military actions. We’ve seen them use this playbook in Syria and many other theatres.

'Their aim is to promulgate disinformation. To sow mistrust in the evidence and to amplify false narratives. It’s also to make sure that the real picture of what’s going on doesn’t get exposed inside Russia.

‘And that’s where the most dangerous disinformation war is being waged. We know Putin’s campaign is beset by problems – low morale, logistical failures and high Russian casualty numbers. Their command and control is in chaos. We’ve seen Putin lie to his own people in an attempt to hide military incompetence. And all of that means, he seeks brutal control of the media and access to the Internet, he seeks the closing down of opposition voices, and he’s making heavy investment in their propaganda and covert agencies.

‘But here again, it’s clear that Putin has miscalculated. President Zelensky’s information operation has shown itself to be extremely effective. It’s agile, multi-platform, multi-media and extremely well-tailored to different audiences. 

‘And it’s a message supported by information campaigns all over the World. In the UK, it’s focused in a new Government Information Cell which identifies and counters Kremlin disinformation targeted at UK and international audiences. It brings together expertise from across government to challenge false narratives. It deals in facts, not falsehoods; making sure that the truth is told well. And increasingly, many of those ‘truths’ come from intelligence. It is already a remarkable feature of this conflict just how much intelligence has been so quickly declassified to get ahead of Putin’s actions. 

‘From the warnings of the war. To the intelligence on false flag operations designed to provide a fake premise to the invasion. And more recently, to the Russian plans to falsely claim Ukrainian use of banned chemical weapons.
On this and many other subjects, deeply secret intelligence is being released to make sure the truth is heard. At this pace and scale, it really is unprecedented. In my view, intelligence is only worth collecting if we use it, so I unreservedly welcome this development.

Cyber Operations Against Ukraine

Turning to the cyber dimension of Russia's invasion, Sir Jeremy said his agency never thought a catastrophic cyber attack was central to Moscow's use of cyber in a war. Instead, he said there have been lots of cyber operations against Ukraine.  

"We've certainly seen indicators which suggests Russia's cyber actors are looking for targets in the countries that oppose their actions... Of course, other aspects of this confrontation play out in cyber space. There has been commentary expressing surprise that we haven’t seen the Russians deploy a major cyber-attack as part of their campaign. I think a lot of this misses the point. Whilst some people look for cyber ‘Pearl Harbours’, it was never our understanding that a catastrophic cyber attack was central to Russian’s use of offensive cyber or to their military doctrine. To think otherwise, misjudges how cyber has an effect in military campaigns.

‘That’s not to say that we haven’t seen cyber in this conflict. We have - and lots of it. Through the National Cyber Security Centre, a part of GCHQ, we’ve seen sustained intent from Russia to disrupt Ukrainian government and military systems. We’ve seen what looks like some spill over of activity affecting surrounding countries. And we’ve certainly seen indications which suggests Russia’s cyber actors are looking for targets in the countries that oppose their actions. So just as we pay tribute to the Ukrainian military’s brave actions, we should pay tribute to Ukrainian cyber security too. We and other allies will continue to support them in shoring up their defences. And at home, we are doing all we can to ensure sure that businesses and Government urgently follow through on plans to improve basic levels of cyber resilience. I know your ACSC (Australian Cyber Security Centre) is doing the same here in Australia.

‘Whether we’re building on the lessons from the pandemic, understanding the implications of Russia’s invasion, or grappling with the implications of China’s rise, it’s clear that we must step up. There are many ways for us to do that, but it seems to me that two things are very important.

  • ‘The first is that we have to find new ways to collaborate and cooperate with partners. For those of us in National Security, that’s about ensuring the health of existing relationships.

It’s about securing our alliances, like the Five Eyes, NATO and in this region, ASEAN. And it’s about working with businesses in new and truly collaborative ways.  And to do this we need to make sure that our counteroffer, to states who haven’t yet decided which way they should jump, is persuasive and coherent. Too often it’s not.

  • ‘And the second is that in whatever we do, we must make sure that we stay true to our values, those that have made our systems and democracies so successful and will do so in the future too. 

‘I spoke at the beginning about how against a backdrop of historic shifts, a new global security architecture was emerging. And all of this change will take decades to resolve. But what I can be clear on now is that how we approach these challenges will be as important as what our response is. And all of us in this room today must play our part in following that through. 

GCHQ:     Australian National University:     Sky:      US News:     

You Might Also Read:

The App At The  Frontline Of Information Warfare:

 

« Google’s Emergency Update For Chrome
Bank of Ireland Fined €463,000 Over Data Breaches »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Varonis

Varonis

Varonis provide a security software platform to let organizations track, visualize, analyze and protect their unstructured data.

Thales

Thales

Thales provides solutions, services and products that help its customers in the defence, aeronautics, space, transportation and digital identity and security markets to fulfil their critical missions.

Proact IT Group

Proact IT Group

Proact is Europe's leading independent data centre and Cloud services enabler. We deliver flexible, accessible and secure IT solutions and services.

Travelers

Travelers

Travelers is a leading writer of US commercial property casualty insurance and one of the world’s largest global insurers for cyber insurance.

Excelsecu Data Technology

Excelsecu Data Technology

Excelsecu is a global solution provider of online identity authentication, widely applied in banks, government bodies and enterprises.

SoSafe

SoSafe

SoSafe empowers organizations to build a security culture and mitigate risk with its GDPR-compliant awareness programs.

Cybeta

Cybeta

Cybeta's actionable cybersecurity intelligence keeps your business safe with strategic and operational security recommendations that prevent breaches.

Hyperion Gray

Hyperion Gray

Hyperion Gray are a small research and development team focused on innovative work in a variety of areas including Software & Security Research, Penetration Testing, Incident Response, and Red Teaming

Graylog

Graylog

Graylog provides answers to your team’s security, application, and IT infrastructure questions by enabling you to combine, enrich, correlate, query, and visualize all your log data in one place.

tTech

tTech

tTech is the first and foremost company providing outsourced Information Technology solutions to businesses in Jamaica.

Green Enterprise Solutions

Green Enterprise Solutions

Green Enterprise Solutions are a Namibian company providing Information and Communication Technology (ICT) services to corporate Namibia.

American Technology Services (ATS)

American Technology Services (ATS)

American Technology Services provides unparalleled services in information technology to support small and mid-sized business. From top-level strategy, to managed services and infrastructure support.

UM6P Ventures

UM6P Ventures

UM6P Ventures is an African based early-stage ventures firm operating two funds; a Digital Transformation fund and a Deeptech Ventures fund.

Siren

Siren

Siren provides the leading Investigative Intelligence Platform to some of the world’s leading Law Enforcement, National Security and Cyber threat investigators.

Intelidata Techedge Pvt. Ltd.

Intelidata Techedge Pvt. Ltd.

Intelidata are a Global Cyber Security Consultancy and Services firm that helps companies drive growth by minimizing risk and maximizing potential.

LEPHISH

LEPHISH

LePhish is a French cybersecurity solution specializing in automated phishing campaigns.