China poses genuine and increasing cyber security risk to UK, says GCHQ director


China poses a genuine and increasing cyber risk to the UK, the director of Britain’s electronic intelligence gathering agency said today.

Anne Keast-Butler used her first major public speech as director of GCHQ to call out China’s development of hostile hacking capabilities.

The warning reflects concerns by western intelligence agencies that the People’s Republic of China (PRC) is increasingly working with non-state cyber organisations to boost its hacking capabilities.

She warned that China’s “coercive and destabilizing” actions posed a significant threat to the UK and other western countries.

“In cyberspace, we believe that the PRC’s irresponsible actions weaken the security of the internet for all,” she said.

“China has built an advanced set of cyber capabilities and is taking advantage of a growing commercial ecosystem of hacking outfits and data brokers at its disposal,” she added.

The government has called out Chinese hackers for threatening the security of the UK in recent months.

These include a campaign by a Chinese state sponsored hacking group, which targeted email accounts of over 40 UK parliamentarians that had spoken out against China.

Chinese state sponsored hackers were also responsible for compromising the Electoral Commission between 2021 and 2022.

Vulnerabilities stockpiled

The Chinese government is stockpiling security vulnerabilities to use in future hacking attacks according to cyber security officials.

Under Chinese law, Chinese companies and cyber security organisations are required to report newly discovered security vulnerabilities to the Chinese government.

A Chinese hacking competition due to take place in June 2024, for example is offering $2.5 million in prize money for exploits and vulnerabilities in software, operating systems, network and security equipment.

Western intelligence agencies are concerned that Chinese state sponsored hacking groups are gaining access to computer networks of energy, electricity and other critical services providers to use as potential political leverage.

They warn that the groups are installing hacking capabilities that could be used at a later date to threaten to disrupt critical infrastructure of western countries.

Harry Coker, national security director at the White House, said in a speech today that the Chinese People’s Liberation Army had invested “tremendous” resources in a cyber programme “to hold critical civilian infrastructure at risk.”

“In a crisis or conflict scenario, China could use their pre-positioned cyber capabilities to wreak havoc in civilian infrastructure and deter U.S. military action,” he said.

“Make no mistake: This is a global challenge. China’s ambitions to use its cyber power coercively extends far beyond the United States,” he said.

Felicity Oswald, CEO of the National Cyber Security Centre (NCSC), the UK’s technical authority on cyber security, added that alongside China, Russia, and North Korea continue to pose the greatest risk to the UK and its allies.

“China poses a systemic challenge to our values and interests, a challenge that grows more acute as the country moves towards even greater authoritarianism,” she said, speaking at the NCSC’s Cyber UK conference.

She singled out the Chinese Volt Typhoon hacking group, which, she said could be laying the groundwork for disruptive or destructive cyber-attacks.

Volt Typhoon has targeted multiple CNI operators in the US Pacific island territory of Guam, close to Taiwan, and also across the US.

They include communications services providers, manufacturers, utilities, transport operators, construction firms, IT companies, educational institutions and government bodies. 

There have been no indications that Volt Typhoon has targeted organisations in the UK.

But Oswald said the group served as a clear warning about China’s intent to hold essential networks at risk.

“And it is a warning that providers of essential services in the UK cannot afford to ignore,” she said.



Source link