Posted on October 9, 2017
Keeping the UK safe from cyber-attacks is now as important as fighting terrorism, the head of the intelligence monitoring service GCHQ has said.
Jeremy Fleming said increased funding for GCHQ was being spent on making it a “cyber-organisation” as much as an intelligence and counter-terrorism one.
It comes after the NHS and parliament suffered cyber-attacks this year.
Mr Fleming said there had been nearly 600 “significant” cyber-attacks needing a national response in the last year.
Writing in the Daily Telegraph, the ex-deputy director of MI5, who became GCHQ director in March, said the UK’s adversaries were “quick to spot new ways of doing us harm”.
“We see that in the way terrorists are constantly changing their weapons, or states are using their full range of tools to steal secrets, gain influence and attack our economy”.
But he said until the UK’s National Cyber Security Centre (NCSC) was set up last year, GCHQ’s work on cyber-security “too often felt like the poor relation”.
The NCSC now has a “world-leading programme to reduce the incidence and impact of cyber-attacks without users even noticing,” he added.
It now works with private firms, schools and universities as well as the media, as part of its cyber-security role.
That can “feel deeply challenging” for the secretive Cheltenham-based agency, which is used to working “in the shadows”, he added.
However, he said: “If GCHQ is to continue to help keep the country safe, then protecting the digital homeland – keeping our citizens safe and free online – must become and remain as much part of our mission as our global intelligence reach and our round-the-clock efforts against terrorism.”
In May, NHS services across England and Scotland were hit by a large-scale cyber-attack that disrupted hospital and GP appointments.
The incident was part of an untargeted wider attack affecting organisations globally.
And in June, up to 90 email accounts were compromised during the cyber-attack on Parliament.
Last week, NCSC head Ciaran Martin said 1,131 cyber-attacks were reported in the centre’s first year.
Of those, 590 were classed as significant and more than 30 were assessed as serious enough to require a cross-government response.