GCHQ head discloses offensive cyber campaign against ISIS, lambastes Russia
GCHQ head discloses offensive cyber campaign against ISIS, lambastes Russia

In his first public speechGovernment Communications Headquarters (GCHQ) director Jeremy Fleming acknowledged that the agency recently coordinated a major cyber offensive operation against ISIS, significantly crippling the terrorist group's ability to recruit and coordinate attacks online.

Speaking at the National Cyber Security Centre's (NCSC) CyberUK 2018 Conference in Manchester this week, Fleming also excoriated Russia for its "unacceptable cyber- behaviour," including its spread of disinformation and fake news and its launch of the June 2017 NotPetya disk wiper malware attack, which targeted Ukraine, but spread worldwide.

Conducted in partnership with the Ministry of Defence, the offensive operation against ISIS - also known as Daesh - represents the "first time the UK has systematically and persistently degraded an adversary's online efforts as part of a wider military campaign," said Fleming. "Did it work? I think it did."

The campaign featured a number of key objectives, Fleming added, including to "deny service, disrupt a specific on-line activity, deter an individual or a group, or perhaps even destroy equipment and networks," said Fleming.

"In 2017 there were times when Daesh found it almost impossible to spread their hate online, to use their normal channels to spread their rhetoric, or trust their publications," he continued.

In his criticism of Russia, Fleming said that the Kremlin is "blurring the boundaries between criminal and state activity," a charge he also levelled against North Korea, citing its reported use of WannaCry ransomware in a worldwide 2017 attack.

Fleming said that Russia's apparent role in the nerve agent attack earlier this year against former Russian military intelligence officer and UK double agent Sergei Skripal and his daughter Yulia "demonstrates how reckless Russia is prepared to be, how little the Kremlin cares for the international rules-based order, how comfortable they are at putting ordinary lives at risk."

"We'll continue to expose Russia's unacceptable cyber-behaviour, so they're held accountable for what they do, and to help government and industry protect themselves," he asserted.

Fleming acknowledged how cyber-criminal groups have also gained access to increasingly sophisticated cyber tools. "We're seeing criminal gangs using malware such as Zeus and Trickbot or ransomware like Locky and Bitpaymer to make millions of pounds in the UK and around the world," said the director. "The attack and the attackers don't care about the size or sector of their victim - they thrive on the anonymity of the internet to demand payment in cryptocurrencies."

On Wednesday, the NCSC's CyberUK conference featured a speech by UK Home Secretary Amber Rudd, who said that over the past six months, "the NCSC has responded to 49 incidents associated with Russian cyber groups, some of which have hundreds of potential victims." The NCSC is the public-facing part of GCHQ.