Cybersecurity: UK could build an automatic national defence system, says GCHQ chief

Government, security firms and technology companies should be doing the heavy lifting when it comes to protecting against hacking and cyberattacks, says the UK's intelligence service.
Written by Danny Palmer, Senior Writer

The UK could one day create a national cyber-defence system built on sharing real-time cybersecurity information between intelligence agencies and business, the head of GCHQ has said. 

Individual internet users shouldn't be forced to hold responsibility for staying safe online in the face of cyber-criminal gangs and advanced hacking groups, but rather it's cooperation between government, internet service providers and technology firms that should be doing the heavy lifting when it comes to cybersecurity, says the director of the UK's intelligence services. 

With a recent UK cybersecurity survey suggesting that only 15 percent of people say they know how to protect themselves online, it's time "to do more to take the burden of cybersecurity away from the individual," Jeremy Fleming, director of GCHQ will tell a security conference today. 

Fleming's address is the keynote address at CYBERUK 19, a conference set up and run by the National Cyber Security Centre (NCSC) – the cybersecurity arm of GCHQ.

"This technological revolution is providing extraordinary opportunity, innovation and progress – but it's also exposing us to increasing complexity, uncertainty and risk," he will tell the audience at the Scottish Event Campus in Glasgow, adding how it also "brings new and unprecedented challenges for policymakers as we seek to protect our citizens, judicial systems, businesses - and even societal norms."

SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)

Malicious cyber operations pose a threat to everyone from individuals and SMBs, to large organisations, critical national infrastructure and even governments, but the NCSC's mission is to use "unique insights into the structural vulnerabilities of the internet in partnership with business to detect, disrupt and fix malicious online behaviour," said Fleming.

One way the UK's 'Active Cyber Defence' programme has already achieved success is by reducing the number of phishing websites from cyber attackers that are hosted in the UK: as of last month, under two percent of global phishing websites are hosted in the UK, down from over five percent when the programme began in 2016.

GCHQ has achieved this by working in partnership with ISPs and cybersecurity firms, and Fleming pointed to a particular success around phishing emails claiming to come from the tax office in an effort to steal banking credentials and other personal data.

"HMRC is an excellent case study of a department leading the way in protecting its customers. In 2016, HMRC was the 16th most phished brand globally, accounting for 1.25% of all phishing emails sent. Today it is ranked 146th and accounts for less than 0.1% of all phishing emails," he said.

A protective DNS system for the public sector has also blocked malware attacks – such as the Conficker worm, which has been active since 2008 – on public sector networks. Fleming argued that private sector organisations should work with GCHQ in the same way as the public sector does in order to protect against attacks using automated services.

Fleming will describe how the agency is now sharing time-critical information in a matter of seconds to allow business to take action.

"With just one click, this information can be shared and action taken. In the coming year, we will continue to scale this capability – so whether it's indicators of a nation-state cyber actor, details of malware used by cyber criminals, or credit cards being sold on the Dark Web, we will declassify this information and get it back to those who can act on it," he will say. 

"If enough do, the results could be truly transformational – a whole-of-nation, automated cyber-defence system," Fleming will say. However, he also warned that improving cybersecurity in this way is only achievable if all parties work to "build a genuinely national effort – with more connections and deeper cooperation with the private sector, and even closer working with our partners and allies."

SEE: The secret to being a great spy agency in the 21st century: Incubating startups (TechRepublic)

For this to happen, government, private sector and academia all need to work together by applying expertise to bolster cybersecurity for individual consumers – and to help protect them against both current and future cyber threats.

"To make this a success, our strongest defence and most powerful weapon will be our ingenuity – our ability to imagine what has yet to be imagined. To see further into the future than anyone else. Our vision for the next stage of the UK's cybersecurity strategy aims to do just that. The prize is great – a safer, more successful UK," Fleming is due to say.


Editorial standards