NCSC Chief Reflects On Cyber Crime, China, Russia & Technology
Ciaran Martin the CEO of the UK’s National Cyber Security Centre (NCSC), is to step down later in 2020 after almost seven years.
The NCSC, which is part of GCHQ, is the UK’s lead authority on cyber security, overseeing the response to cyber-attacks and improving the cyber resilience of the UK’s national infrastructure.
According to its own data, since 2016, the National Cyber Security Centre has dealt with over 2,000 major cyber security incidents.
The NCSC now employs more than 1,000 and commands a budget in excess of £250m. It has dealt with well over 2,000 major cyber security incidents since it opened its doors in 2016, and has driven a more assertive cyber security policy on behalf of the government.
He said cyber-criminals were quick to exploit Covid-19, using it to persuade people to click on links or buy fake goods and that placed new demand on systems built to automate cyber-defences and spot spoof messages.
At the same time, the NCSC had to help government and public-sector organisations deal with the sudden increased dependence on technology, whether in the cabinet meeting over video link or the government sending out genuine text messages to the entire public.
But it was not just cyber crime groups who were on the move, foreign spies also began to go after new targets and protecting universities and researchers seeking a coronavirus vaccine became an urgent new priority. "Many of the people involved never thought they'd be in a case where they'd be talking to part of an intelligence service about resisting major nation state threats against their work," Mr Martin says.
In July, the UK, along with the US and Canada, accused Russian intelligence of trying to steal vaccine research. The accusation, known as an "attribution", came because the NCSC could draw on GCHQ's long history monitoring Russian hackers. "We have built up significant knowledge of some of the major attack groups from the major nation states, including Russia, over more than two decades," Mr Martin says."For a lot of the things that we were seeing in the high end of vaccine protection, it was detected by us because it was the more sophisticated end, where the attacker is trying harder not to get caught."
Mr Martin says the NCSC has not seen the need to issue specific guidance about Chinese company TikTok, however, which the Trump administration claims is a threat to US national security. "The amount of personal data it collects, people need to be aware of," he says, but "it is slightly less than some of the others". While China has risen up the agenda, Russia has been the more constant concern for the NCSC.
Russia was accused of interfering in the 2019 British general election by hacking and leaking trade documents. "It shows that there is an ongoing threat to democratic processes," according to Mr Martin. "It is not the case in my judgement that there has been sustained high-quality effective disruption of UK politics by the Russians."
Martin defends the intelligence services against the accusation in the recent "Russia report" they have not focused enough on the threat from Moscow. But he also says it should not be the job of spy agencies to regulate political debate. "No-one wants to live in a country where the likes of parts of GCHQ or MI5 are in charge of verifying political information in the midst of an election," he says.
Martin leaves the civil service after 23 years, for a position at Oxford University.where he will be appointed as a Professor of Practice in Public Management, based at the Blavatnik School of Government.
The National Cyber Security Centre (NCSC) has announced that Lindy Cameron is to become its new chief executive from October. Her role will include overseeing the organisation’s response to hundreds of cyber incidents each year, improving the cyber resilience of the UK’s critical national infrastructure, identifying the risks and opportunities for the UK in emerging technologies and leading the NCSC’s ongoing response to the coronavirus pandemic.
NCSC: BBC: Evening Express: Computer Weekly: New Statesman:
You Might Also Read:
Britain's National Cyber Security Strategy Beyond 2021: