"If GCHQ is to continue to help keep the country safe, then protecting the digital homeland -- keeping our citizens safe and free online -- must become and remain as much part of our mission as our global intelligence reach and our round-the-clock efforts against terrorism," Jeremy Fleming, the director of GCHQ, wrote in an article for the Telegraph.
While the UK government surveillance service is best known for gathering intelligence on criminals, terrorists, and foreign states, it also has a cybersecurity arm: the National Cyber Security Centre (NCSC). Recently the NCSC said 1,131 cyber incidents had been reported to it in the past year.
Fleming said that the agency is investing in security "to make GCHQ a cyber organisation, as well as an intelligence and counter-terrorism one." But he said balancing the security role with GCHQ's more traditional spy role was difficult: "All of this can feel deeply challenging for a GCHQ that by necessity has worked in the shadows," he admitted.
Cyber attacks on UK by other states and large scale cyber crime were identified as a 'tier one' threat in the 2010 National Security Strategy, alongside terrorism, war and natural disasters. "Attacks in cyberspace can have a potentially devastating real-world effect. Government, military, industrial and economic targets, including critical services, could feasibly be disrupted by a capable adversary," the strategy said.
"We all derive great benefit from the ease and speed of connecting across the planet and from the additional security provided by default encryption. But hostile states, terrorists and criminals use those same features - instant connectivity and encrypted communications - to undermine our national security, attack our interests and, increasingly, commit crime," said Fleming.