GCHQ warns cyber threats ‘as big an issue as terrorism’

"Image credit: Thinkstock/Wavebreak Media"

The threat of cyber attacks against businesses and institutions in the UK needs to be treated as seriously as the risks posed by terrorism, the head of communications monitoring agency GCHQ has stated.

Writing in the Daily Telegraph, Jeremy Fleming, who was formerly the deputy director of MI5, said that defending the nation's digital infrastructure is taking on increased importance as both state-sponsored actors and criminal and terror organisations become quick to identify new ways of doing harm.

"We see that in the way terrorists are constantly changing their weapons or states are using their full range of tools to steal secrets, gain influence and attack our economy," he wrote.

Mr Fleming added that the biggest changes are taking place in the online space, as the speed of change and technological advancement affects virtually everyone on the planet. But while this brings with it "amazing potential for individuals, communities, business and countries", this potential exists for both "friends and foe alike".

The GCHQ director stated that over the last year, the UK's newly-formed National Cyber Security Centre (NCSC), which is based within GCHQ, has dealt with nearly 600 significant incidents that required a coordinated, national response.

While some of these have been high-profile, such as the WannaCry ransomware attack that infected many computers within the NHS and the incident which saw email accounts belonging to Parliament compromised, there were also many lesser-reported, but no less serious, breaches and criminal attacks.

"In dealing with these cases … the NCSC drew on GCHQ's data, analytical capabilities, skills and partnerships, which help us to prevent attacks as well as respond to them," Mr Fleming said.

However, he warned that it will be vital to continue investing heavily in cyber defences, as well as working closely with the private sector, to protect the UK's 'digital homeland', and GCHQ's role to keep sensitive information and systems secure must no longer be seen as the "poor relation" of the country's security efforts