New offensive cyber force will "confront aggressive behaviour", says Foreign Secretary

The National Cyber Force will work out of Lancashire, bringing together staff from the MoD, GCHQ and MI6 to counter cyber threats - and launch offensive operations.
Written by Danny Palmer, Senior Writer

The UK's centre for offensive cyber operations aimed at disrupting nation-state hacking groups, cyber criminals and other online threats against national security is set for a permanent home in Samlesbury, Lancashire.  

First announced last year, the National Cyber Force (NCF) is a joint venture by the Ministry of Defence (MoD) and intelligence service GCHQ and brings together intelligence, cyber and security personnel from the MoD and GCHQ, along with staff from secret intelligence service MI6 and the Defence Science and Technology Laboratory (DSTL). It's the first time staff from each body will be united under one unified command.  

The NCF's new permanent site in Samlesbury, just outside Preston – and already home to a BAE Systems military aircraft factory – puts it just a short journey from GCHQ's Manchester office. The force will also work with law enforcement and international partners to help counter a range of national security threats in what's described as a "legal, ethical and proportionate way". 

SEE: What is cyberwar? Everything you need to know about the frightening future of digital conflict

Previously disclosed offensive cyber operations carried out by the UK include a sustained cyber campaign against Daesh in 2016, as well as using cyberattacks against ISIS propaganda networks in 2018. It's hoped that the potential for offensive cyber operations could dissuade hostile forces from conducting their own campaigns against the UK. 

"The National Cyber Force will help confront aggressive behaviour from malign actors, and demonstrate that Britain is investing in next-generation defence capability to protect our people and help our friends counter cyber threats. It sends a powerful message to our allies and adversaries alike," said Foreign Secretary Liz Truss. 

However, while the government is keen to promote the NCF as a body that can help protect the UK from cyberattacks, particularly those by hostile nation states, there are limits to what it can do. One of the largest, most significant cyberattacks to hit the UK in recent years was the WannaCry ransomware attack, which disrupted significant portions of the National Health Service – it's unclear how the NCF could've prevented this attack, if at all. 

"The National Cyber Force will do many good, useful things," Ciaran Martin, professor of practice at the University of Oxford's Blavatnik School of Government – and former director of the NCSC – said in a tweet.  

"But the NCF couldn't & wouldn't have stopped something like Wannacry. To imply that it could is to set it up to fail. Need realism in the offensive cyber debate," he added. 

SEE: A cloud company asked security researchers to look over its systems. Here's what they found

The announcement of a permanent headquarters for the National Cyber Force comes at a time when cybersecurity appears to be high on the international political agenda. 

The threat of ransomware has caused significant disruption all this year and the White House is set to convene a 30-country meeting this month to address cybersecurity issues.  


Editorial standards