Threat Management, Threat Intelligence

U.K. intel director discloses offensive cyber campaign against ISIS, lambastes Russia


In his first public speech, the U.K.'s Government Communications Headquarters (GCHQ) Director Jeremy Fleming acknowledged that the agency recently coordinated a major cyber offensive operation against ISIS, significantly crippling the terrorist group's ability to recruit and coordinate attacks online.

Speaking at the National Cyber Security Centre's (NCSC) CyberUK 2018 Conference in Manchester today, Fleming also excoriated Russia for its "unacceptable cyber behavior," including its spread of disinformation and fake news and its launch of the June 2017 NotPetya disk wiper malware attack, which targeted Ukraine, but spread worldwide.

Conducted in partnership with the Ministry of Defence, the offensive operation against ISIS -- also known as Daesh -- represents the "first time the U.K. has systematically and persistently degraded an adversary's online efforts as part of a wider military campaign," said Fleming. "Did it work? I think it did."

The campaign featured a number of key objectives, Fleming added, including to "deny service, disrupt a specific on-line activity, deter an individual or a group, or perhaps even destroy equipment and networks," said Fleming.

"In 2017 there were times when Daesh found it almost impossible to spread their hate online, to use their normal channels to spread their rhetoric, or trust their publications," he continued.

In his criticism of Russia, Fleming said that the Kremlin is "blurring the boundaries between criminal and state activity," a charge he also leveled against North Korea, citing its reported use of WannaCry ransomware in a worldwide 2017 attack.

Fleming said that Russia's apparent role in the nerve agent attack earlier this year against former Russian military intelligence officer and U.K. double agent Sergei Skripal and his daughter Yulia "demonstrates how reckless Russia is prepared to be, how little the Kremlin cares for the international rules-based order, how comfortable they are at putting ordinary lives at risk."

"We'll continue to expose Russia's unacceptable cyber behavior, so they're held accountable for what they do, and to help government and industry protect themselves," he asserted.

Fleming acknowledged how cybercriminal groups have also gained access to increasingly sophisticated cyber tools. "We're seeing criminal gangs using malware such as Zeus and Trickbot or ransomware like Locky and Bitpaymer to make millions of pounds in the U.K. and around the world," said the director. "The attack and the attackers don't care about the size or sector of their victim -- they thrive on the anonymity of the internet to demand payment in cryptocurrencies."

On Wednesday, the NCSC's CyberUK conference featured a speech by UK Home Secretary Amber Rudd, who said that over the past six months, "the NCSC has responded to 49 incidents associated with Russian cyber groups, some of which have hundreds of potential victims." The NCSC is a unit of GCHQ.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.