The recently-installed director of GCHQ, Jeremy Fleming, has warned that the ongoing battle to protect the UK from cyber criminals is now as important as combatting terrorism.
The career spy, who has been in the post for six months, said extra government funding was helping GCHQ to become a cyber organisation as well as an intelligence agency.
“This profound development is led within GCHQ by the National Cyber Security Centre (NCSC), one year old last week,” Fleming wrote in an article for the Telegraph.
NCSC has responded to nearly 600 “significant incidents” over the last 12 months, equivalent to almost two a day, Fleming said.
WannaCry ransomware paralysed parts of the NHS and thousands more organisations in May, while a targeted strike on Westminster left MPs locked out of their emails in June.
“In dealing with these cases, […] NCSC drew on GCHQ’s data, analytical capabilities, skills and partnerships, which help us to prevent attacks as well as respond to them,” Fleming said.
The former deputy director of MI5 added that the work of NCSC meant GCHQ was coming out of the shadows to assist the public and private sectors:
“All of this can feel deeply challenging for a GCHQ that by necessity has worked in the shadows. It remains the case that much of what we do must remain secret. But I welcome the shift.”
Lee Munson, a security researcher for Comparitech.com, welcomed the news that the government was taking cyber security seriously by providing additional funding to GCHQ.
But he added that it was vital businesses did not become complacent: “It is imperative that national industries, businesses and individuals continue to invest in technology and training for themselves instead of relying upon [GCHQ and NCSC].
Fleming said that everyone benefits from the ease and speed of “connecting across the planet and from the additional security provided by default encryption”.
But he added: “Hostile states, terrorists and criminals use those same features – instant connectivity and encrypted communications – to undermine our national security, attack our interests and, increasingly, commit crime.”
Robert Hannigan, Fleming’s predecessor at GCHQ, launched a robust defence of end-to-end encryption in his first media appearance since stepping down.
He told the Today Programme in July that the technology is “overwhelmingly a good thing”. “I don’t advocate building in backdoors,” he said. “It’s not a good idea to weaken security for everybody in order to tackle a minority.”