UK cyber force opens up on fight to defeat rising threat

The UK’s National Cyber Force (NCF) has issued new guidance for business and organisations as  the director of GCHQ  warning the stakes have never been higher.

Established in 2020, the National Cyber Force (NCF) is a partnership between GCHQ and the Ministry of Defence which carries out cyber operations on a daily basis to protect against threats to the UK, further the UK’s foreign policy, support military operations, and prevent serious crime.

It has released a new document, ‘NCF: Responsible Cyber Power in Practice’  which builds on the commitment in the recently launched  Government Integrated Review Refresh (IRR) to be as transparent as possible about the NCF’s cyber capabilities and provide clarity on how the UK acts as a responsible and democratic cyber power.

Director GCHQ, Sir Jeremy Fleming, (pic) said the threat of cyber was continuing to increase and that any nation state had a duty to protect its infrastructure, businesses and population.

“In an increasingly volatile and interconnected world, to be a truly responsible cyber power, nations must be able to contest and compete with adversaries in cyberspace,” he explained. “In the UK, the National Cyber Force complements the UK’s world class cyber resilience to give the country operational cyber capabilities at the scale needed to protect our free, open, and peaceful society.

“Building upon two decades of experience, the dynamic new partnership has countered state threats, made key contributions to military operations, and disrupted terrorist cells and serious criminals including child sex offenders.

“With the threat growing and the stakes higher than ever before, we hope this document provides a benchmark for the UK’s approach and a basis for like-minded governments to come together internationally to establish a shared vision and values for the responsible use of cyber operations.”

The UK has this week said it is reiterating its commitment to international stability and security, and illustrating how states can act responsibly in cyberspace through demonstrating how the NCF’s operations are accountable, precise and calibrated.

“This contrasts with the reckless and indiscriminate activities of those who would do harm to the UK and its allies,” a spokesperson added. “All of the NCF’s operations are conducted in a legal and ethical manner, in line with domestic and international law and our national values. The operations are based on a deep understanding of the cyber environment, which enables NCF to design, time and target them with precision.”

They added central to the NCF’s approach is the “doctrine of cognitive effect” – using techniques that have the potential to sow distrust, decrease morale, and weaken our adversaries’ abilities to plan and conduct their activities effectively. This can include preventing terrorist groups from publishing pieces of extremist media online or making it harder for states to use the internet to spread disinformation by affecting their perception of the operating environment.

“The NCF’s work is covert and we therefore do not reveal details of individual operations,” the spokesperson continued. “Indeed the intent is sometimes that adversaries do not realise that the effects they are experiencing are the result of a cyber operation. This ambiguity can help to amplify the cognitive effect.”

Despite the necessary level of secrecy, in line with its commitment to being a responsible cyber actor, the government has disclosed that over the last three years the NCF has delivered operations to:

  • protect military deployments overseas.
  • disrupt terrorist groups.
  • counter sophisticated, stealthy and continuous cyber threats.
  • counter state disinformation campaigns.
  • reduce the threat of external interference in democratic elections; and
  • remove child sexual abuse material from public spaces online.

“Through ‘NCF: Responsible Cyber Power in Practice’, the UK is reiterating its commitment to international stability and security, and illustrating how states can act responsibly in cyberspace, in line with domestic and international law,” the spokesperson concluded.

SHARE: