Posts Tagged ‘British intelligence’

Cybersecurity Expert Explains Takeways From The Russia Indictments

July 15, 2018

Twelve Russian agents have been indicted in Robert Mueller’s investigation into Russian interference. NPR’s Michel Martin speaks with cybersecurity expert Matt Tait about what the indictment mean.


We’re going to start the program today with the latest news out of special counsel Robert Mueller’s investigation into Russian interference in the 2016 election. Twelve officers with the Russian military intelligence agency, GRU, were charged yesterday with hacking multiple Democratic targets – the Democratic National Committee, the Hillary Clinton presidential campaign and the Democratic Congressional Campaign Committee. The grand jury indictment, which was announced by Assistant Attorney General Rod Rosenstein, describes in great detail how these Russian agents carried out this alleged cyberattack. Those details also suggest where that investigation could head next. In a minute, we’ll talk with a former assistant attorney general who specialized in national security about how this new information could affect Mueller’s investigation.

But first, we wanted to hear more about the indictment and what exactly we learn from these latest revelations. Joining us now is Matt Tait. He is a cybersecurity fellow at the University of Texas at Austin. He used to work for the British intelligence agency GCHQ. Matt Tait, welcome. Thanks for joining us.

Related image

MATT TAIT: Thanks so much for having me.

MARTIN: What did we learn from this indictment about what the Russians were capable of that we didn’t know before?

TAIT: So we knew a whole bunch of information before. What the indictment really tells us is what the U.S. government knows, which wasn’t previously public – which is not only that there’s technical reasons to think that GRU is behind this operation, but also that the U.S. government knows which specific military intelligence officers were behind it, the specific people – what they were doing, what search terms they were typing as they were conducting this operation.

MARTIN: Now, this is where opinion comes in. But I’m just wondering – in the field yourself, are you at all concerned about what the U.S. government has revealed about what it knows?

TAIT: So counterintelligence investigations are, by definition, extremely sensitive. U.S. citizens and the media are not the only people who are going to be poring through this indictment. There will be people in the Russian government who’ll be looking at this indictment very closely, trying to understand how it was that this information was leaked, trying to identify what it is that the U.S. government knows and how – and how to make sure that this doesn’t happen again. And those sources, those methods, are going to be very difficult for the U.S. government to repair.

One thing that is worth noting is the intelligence operations in the United States and around the world, they don’t happen in a vacuum. Like, we don’t just try and work out what’s happening, we try and sort of identify what’s going on in order to drive policy decisions. And in this particular case, clearly, the U.S. government has come to the conclusion that revealing the sources is sufficiently valuable to U.S. interests that it’s worth damaging that kind of access.

Image result for GCHQ, photos

MARTIN: And I was going to ask you that. That was going to be my final question, which is, is there a message being sent here about revealing what U.S. intelligence can see?

TAIT: So I think there’s two really important messages that Mueller and the U.S. government is trying to send with this. The first is that this is not just bits and pieces of collected evidence that the U.S. government has now just – collected them into a pile and blaming Russia. Actually, they have extremely detailed inside knowledge as to what was happening as to this Russian government operation.

I think the second thing that’s very important is to lay out to the U.S. public what it is that they know, how it is that this operation took place – that they actually know that these emails were stolen, that they were stolen by spear-phishing and that people at home can defend themselves from spear-phishing, for instance. And that’s also important information for people to know in advance if, for instance, the midterms.

So I think that there’s these two separate messages that the U.S. government is trying to send. First of all, that we really understand what is going on, and second of all, that the public can defend themselves, and the people at home can take actions to defend their own accounts.

MARTIN: That’s Matt Tait. He’s a cybersecurity fellow at the University of Texas at Austin, and he formerly worked for the British intelligence agency GCHQ. Matt Tait, thanks so much for speaking with us.

TAIT: Thanks so much for having me.

See also:

Cybersecurity 202: We surveyed 100 security experts. Almost all said state election systems were vulnerable.


British Intelligence: ‘Absolute protection from cyber attacks not possible’

April 22, 2018

Russian flag is seen on the laptop screen in front of a computer screen on which cyber code is displayed

The head of GCHQ’s cyber defence unit says it is a matter of “when, not if” Britain faces a “serious cyber attack” CREDIT: KACPER PEMPEL


The Telegraph
21 APRIL 2018 • 9:31PM

Britain’s spy agencies cannot offer “absolute protection” against Russian cyber attacks and are instead focused on preventing assaults that would “most impact on our way of life”, in the wake of the Salisbury poisoningGCHQ is warning.

Writing in The Sunday Telegraph, Ciaran Martin, the head of the agency’s cyber defence unit, says it is a matter of “when, not if” Britain faces a “serious cyber attack”.

He added that its focus was now on building “resilience” in “the systems we care about the most”, believed to be Britain’s power and water supplies, internet and transport networks, and health service.

The Sunday Telegraph understands that senior representatives of utility, transport and internet firms and the NHS have attended intelligence briefings at the National Cyber Security Centre (NCSC) on the specific methods – known as “attack vectors” – being used by Russia to target Britain’s critical national infrastructure, following the nerve agent attack in Salisbury last month.

Separately, the NCSC is understood to have written to the Government setting out urgent actions that departments and individual officials should take to protect Whitehall from cyber assaults.

Ciaran Martin
Ciaran Martin, the head of the agency’s cyber defence unit CREDIT: WOLFGANG RATTAY

These are in response to retaliatory measures against the Kremlin following the attempted assassination of Sergei Skripal and his daughter Yulia in Salisbury with a nerve agent last month.

Mr Martin, the NCSC’s chief executive, confirmed GCHQ was on “heightened alert” for “follow-up activity” following the Salisbury attack – an explicit link the agency fell short of making when it issued an unprecedented joint warning with the FBI last week about cyber attacks by the Russian Government.

“Turning off the lights and the power supply by cyber attack is harder than Hollywood films sometimes make out,” he writes.

“But we’ve seen enough malicious cyber attacks across the world, including against UK health services by a North Korean group last year, to know how services can be disrupted.

“Absolute protection is neither possible nor desirable; it’s about having more resilience in the systems we care about the most, those where loss of service would have the most impact on our way of life.

“We have said that it is a matter of when, not if, the UK faces a serious cyber attack. So last week we presented detailed plans to Government departments about the priority areas where the NCSC will work with them, industry and law enforcement to improve the cyber resilience of the most important systems.”

The Sunday Telegraph understands that, in addition to setting out the “priority areas” it will focus on protecting, the NCSC provided the Government with fresh advice on preventing attacks, based on the latest intelligence about attempted intrusions by Russian hackers.

The advice is believed to have ranged from highly technical measures that should be taken by particular departments, to more basic preventative steps that could be adopted by all civil servants.

Separately, the agency is understood to have called in representatives of organisations involved in the UK’s critical national infrastructure for a series of briefings on ongoing activity in recent days, with the sessions including information on the warning signs to look out for, and advice on how to guard against the threats.

Russian hackers targeting millions of devices around the world, US and UK warn

April 17, 2018

Intelligence agencies say spying could be preparation for future attacks

By Lizzie Dearden Home Affairs Correspondent
The Independent

Russian hackers are targeting millions of devices around the world to spy, steal information and build networks for potentially devastating future cyberattacks, the US and UK have revealed.

The first ever joint “technical alert” from the two countries urged members of the public and businesses to help combat vulnerabilities with basic security precautions.

Ciaran Martin, chief executive of the National Cyber Security Centre (NCSC) – an arm of British intelligence agency GCHQ – said Russia was its “most capable hostile adversary in cyberspace”.

In a call with The Independent and other outlets, he said all attacks uncovered by American security services had directly affected the UK, including intrusion into the energy sector.

“This is sustained targeting of multiple entities over months that we believe the Russian state to be behind,” Mr Martin added.

“The purpose of these attacks could be espionage, the theft of intellectual property and they could be positioned for use in times of tension.

“There are millions of machines being globally targeted, trying to seize control over connectivity.”

The total is believed to include tens of thousands of home devices in the UK alone, which could be used “at scale” for wider operations.

US to impose new sanctions on Russia in wake of Syria chemical attack, says UN ambassador Nikki Haley

Security services admitted they do not know the full scale of attacks by state-sponsored Russian hackers, who are using routers connecting people’s homes and offices to the internet to spy on the information going through them, harvesting passwords, data and other information that could later be used in an attack.

Mr Martin said some efforts are directly targeting the British government and critical national services, such as the NHS, where the crippling impact of North Korea’s WannaCry attack showed the devastating potential of cyber warfare last year.

Other targets include internet service providers and the private sector, providing a “basic infrastructure” to launch future operations.

​GCHQ has been tracking Russian actors for more than 20 years but the threat has come to renewed global attention following global ransomware incidents, power outages in Ukraine and alleged interference in foreign elections.

American officials denied that Monday’s “pre-planned” warning was linked to any increase in malicious activity following air strikes against the Kremlin’s Syrian allies on Saturday.

Bombing targeting chemical weapons stores by the US, UK and France worsened tensions with Vladimir Putin’s government further following the Salisbury nerve agent attack, diplomatic expulsions and ongoing sanctions over the Ukrainian war.

Rob Joyce, special assistant to Donald Trump and the US National Security Council’s cyber security coordinator, said Russia was amassing a “tremendous weapon” but there was no specific intelligence on the targeting of elections.

“When we see malicious cyber activity, whether it be from the Kremlin or other malicious nation-state actors, we are going to push back and push back hard,” he added, detailing cyber defence, sanctions and prosecutions.

Mr Joyce said “all elements of national power” were being mounted against the threat, including counter-attacks and asymmetric warfare.

Security services warned that global connectivity provided by the “internet of things” relied upon in modern life was being exploited and issued advice on how civilians and businesses can protect their devices, as well as national defences.

They stressed that threats came from countries other than Russia, as well as criminals seeking to profit.

Switches, firewalls and Network Intrusion Detection System (NIDS) are also being exploited in what are known as “man-in-the-middle” attacks.

Security weaknesses combined with a “Russian government campaign to exploit these devices” threatens the UK and US’s safety, security, and economic well-being, the NCSC said.

The Kremlin has denied persistent accusations of malicious cyber activity but last year Mr Putin conceded that “patriotic” Russian hackers may be acting “in the fight against those who speak badly about Russia”.

Keir Giles, an expert in Russian information warfare at Chatham House, said the line between government, business and the criminal world was blurred.

“The bottom line is these attacks would not be coming from Russia without Russian state collusion – if they wanted to stop it they could,” he told The Independent.

Mr Giles said Russia’s attacks had become more blatant due to a lack of deterrents during Barack Obama’s administration.

“They have not cared for some time about being identified as the source of hostile activity,” he added.

“Russia is far less concerned about being a rogue state because they have no reputation to maintain, they are behaving more like North Korea than the European nation they once pretended or aspired to be.

“This is just another symptom of Russia believing it is in an advanced state of conflict in the West in every domain apart from overt military clashes.”

Ewan Lawson, a senior research fellow at the Royal United Services Institute for Defence and Security Studies (RUSI), said actors could be viewing browsing history, emails, messages or sending information elsewhere.

“The concern with the presence of someone on your network is are they simply there looking or as a preparatory measure for something more nefarious?” the former RAF officer added.

“Either is bad. We haven’t seen a lot of damaging attacks yet but I believe we’re going to. If they were on a transport network, for example, the potential is there to disrupt train services. You could get into the signalling network.”

Read the full alert and advice here.

A previous version of this article stated that “billions” of machines had been targeted, but the figure was changed to “millions” following clarification from the NCSC.

British PM May to chair security meeting on poisoning of former Russian double agent

March 12, 2018


LONDON (Reuters) – Prime Minister Theresa May will chair a meeting of Britain’s National Security Council on Monday to discuss the poisoning of a former Russian double agent and his daughter.

Sergei Skripal and his daughter Yulia

Image copyright EPA/ YULIA SKRIPAL/FACEBOOKMr Skripal, 66, and his daughter Yulia, 33, were found unconscious

Former double agent Sergei Skripal, 66, and his daughter Yulia, 33, have been in hospital in a critical condition since March 4 when they were found unconscious on a bench outside a shopping center in the southern English city of Salisbury.

Hundreds of people who visited the Zizzi restaurant or the Bishop’s Mill pub in the normally quiet cathedral city were told on Sunday to wash their clothes after traces of nerve agent used to attack Skripal were found at both sites.

The Mill Pub
The Mill Pub
Image copyright   AFP/GETTY IMAGES

British counter-terrorism police say a nerve agent was used against Skripal and his daughter but have not made public which one.

Skripal betrayed dozens of Russian agents to British intelligence before his arrest in Moscow in 2004. He was sentenced to 13 years in prison in 2006, and in 2010 was given refuge in Britain after being exchanged for Russian spies.

The forensic tent, covering the bench where Sergei Skripal and his daughter Yulia were found, is repositioned by officials in protective suits in the centre of Salisbury, Britain, March 8, 2018. REUTERS/Peter Nicholls

British Foreign Secretary Boris Johnson has warned that if Russia was behind the poisoning of Skripal, a former colonel in GRU military intelligence, than Britain would respond robustly.

Johnson also drew parallels between the poisoning of Skripal and the murder of former KGB agent Alexander Litvinenko who died in London in 2006 after drinking green tea laced with radioactive polonium-210.

A British public inquiry found the killing of Litvinenko had probably been approved by Russian President Vladimir Putin and carried out by two Russians, Dmitry Kovtun and Andrei Lugovoy. Lugovoy is a former KGB bodyguard who later became a member of the Russian parliament.

Alexander Litvinenko died after his tea was laced with polonium in 2006

Image:Alexander Litvinenko died after his tea was laced with polonium in 2006

Both denied responsibility and Russia has denied any involvement.

Since Skripal was found slumped on a bench in Salisbury, Russia has repeatedly denied any part in his poisoning and says Britain is whipping up anti-Russian hysteria. Russia holds a presidential election on March 18.

Britain’s MI5 foils Islamist terror plot to kill the Prime Minister — Two men have been charged with terror offences

December 6, 2017


Image may contain: 1 person, closeup
Britain’s Prime Minister Theresa May. Reuters.

The security services have foiled an alleged plot to assassinate the Prime Minister in Downing Street, it has emerged.

An Islamic extremist planned to use an improvised explosive device to blow up the gates of Downing Street before entering No 10 and making an attempt on Theresa May’s life.

Two men have been charged with terror offences and are due to appear in Westminster magistrates’ court.

Details of the alleged terror plot were set out to Cabinet members on Tuesday during a briefing by Andrew Parker, the head of MI5. Mr Parker revealed that British intelligence had foiled nine terror plots in the past 12 months.

Image result for Andrew Parker, MI5, photos

Andrew Parker, the head of MI5

The disclosures about the charges came just hours after an official report into the Manchester terror attack revealed that the suicide bomber had been flagged for closer scrutiny by security services and that the atrocity could have been averted “had the cards fallen differently”.

MI5 investigators misinterpreted intelligence on Salman Abedi earlier this year and it was disclosed his case was due to be discussed at a meeting scheduled for nine days after his May attack at the Manchester Arena.

Salmam Abedi

The report suggested Salman Abedi’s attack in Manchester could have been stopped CREDIT: AFP/GETTY

Internal reviews into the police and MI5’s handling of the four terrorist attacks in Britain this year also revealed one of the London Bridge attackers had been under active investigation by the Security Service.

After the Westminster attack

The Westminster Bridge attacker, Khalid Masood, had also watched suicide attack videos on YouTube in the days before he carried out his assault.

David Anderson QC, a former terrorism law reviewer asked by the Home Secretary to independently check the secret internal reviews, said they were “no cause for despair” and that most attack plots continued to be broken up.

In response to his 61-page report, Amber Rudd, the Home Secretary, said the blame for the attacks “lies squarely” with the terrorists.

The reviews found that 22-year-old Abedi had previously been a MI5 suspect, but was not under active investigation when he blew himself up among the crowd at an Ariana Grande concert.

Tributes to the Manchester terror attack, which killed 22 people

Tributes to the Manchester terror attack, which killed 22 people CREDIT: BEN STANSALL /AFP

In advance of the attack, officers had on two separate occasions received unspecified intelligence on him “whose significance was not fully appreciated at the time” and which could have led to his case being reopened.

“In retrospect, the intelligence can be seen to have been highly relevant to the planned attack,” the report said.

Mr Anderson concluded that while it was “unknowable” if reopening the investigation would have thwarted Abedi, it was “conceivable that the Manchester attack in particular might have been averted had the cards fallen differently”.

Between March and June, London and Manchester experienced four attacks killing a total of 36 people and wounding another 200.

Abedi had first become an MI5 “subject of interest” in 2014, but it transpired he had been mistaken for someone else and his case was closed. It was reopened the following year on mistaken intelligence that he had contacted an Islamic State figure in Libya.

But though his case remained closed from that point, Abedi “continued to be referenced from time to time in intelligence gathered for other purposes. In two separate instances before the attack, intelligence was received that was “assessed at the time to relate not to terrorism, but to possible non-nefarious activity or to criminality”.

An automated trawl of suspects’ data designed to spot closed cases that may need re-examining identified him as one of fewer than 100 individuals “out of a total of more than 20,000 closed subjects of interest, who merited further examination”.

“A meeting (arranged before the attack) was due to take place on May 31: Salman Abedi’s case would have been considered, together with the others identified. The attack intervened on May 22.”

Mr Anderson said: “With the benefit of hindsight, intelligence was misinterpreted in early 2017.”

MI5’s internal investigation concluded that the decision not to reopen an investigation into Abedi in early 2017 was “finely balanced” and “understandable”. Reviewers decided that “on the clear balance of professional opinion, a successful pre-emption of the gathering plot would have been unlikely”.

Across all of the incidents, three of the six attackers “were on MI5’s radar”. Andy Burnham, the Mayor of Greater Manchester, said the report “will be a difficult read for everyone in Manchester and most particularly for the  bereaved families and those still recovering from the attack”.

He said the report was obviously the result of “a lot of soul searching” on behalf of MI5 and the police. He said: “I accept its conclusion that there is no way of knowing whether the Manchester attack could have been stopped.

“But it is clear that things could – and perhaps should – have been done differently.”

G7 to focus on foreign fighter fallout from rout of IS

October 19, 2017


© AFP / by Ella IDE | A member of the Syrian Democratic Forces (SDF) walks through a heavily damaged a street in Raqa, Syria on October 18, 2017

ISCHIA (ITALY) (AFP) – The threat of fresh attacks on the West by foreign fighters fleeing the fallen Islamic State stronghold of Raqa is set to dominate a G7 meeting of interior ministers in Italy.The two-day gathering, which kicks off Thursday on the Italian island of Ischia, comes just days after US-backed forces took full control of the jihadists’ de facto Syrian capital.

Most foreign fighters are believed to have fled over the past few months. Experts say those who stayed are now likely to head for Turkey in the hope of travelling on to Europe to seek revenge for the destruction of the “caliphate”.

Tens of thousands of citizens from Western countries travelled to Syria and Iraq to fight for the group between 2014 and 2016, including extremists who then returned home and staged attacks that claimed dozens of lives.

France, whose some 1,000 nationals were among the biggest contingent of overseas recruits to join IS, stated frankly this weekend that it would be “for the best” if jihadists die fighting.

While border crossings have since tightened making it more difficult for fighters to return, security experts have warned of renewed possibilities of strikes as the pressure on IS intensifies.

“With an Islamic military defeat in Iraq and Syria we could find ourselves facing a return diaspora of foreign fighters,” Italy’s Interior Minister Marco Minniti told a parliamentary committee last week.

“There are an estimated 25,000 to 30,000 foreign fighters from 100 countries. Some of them have been killed of course, but… it’s possible some of the others will try to return home, to northern Africa and Europe,” he said.

– Catching boats to Europe –

The Syrian Observatory for Human Rights, a Britain-based monitor of the war, said a group of 130-150 foreign fighters, including Europeans, had turned themselves in before the end of the battle in Raqa.

Other reports suggested a convoy of foreign fighters had been able to escape the city towards IS-held territory, a claim denied categorically by Syrian Democratic Forces (SDF) officials.

The SDF is expected to contact the home countries of any foreign fighters it holds, to discuss the possibility of turning them over to face prosecution.

But captured fighters could prove a legal headache, with questions raised over what evidence, collected by whom, would be used in a domestic court. Jihadists also become security risks in jails for their potential to radicalise.

French European lawmaker Arnaud Danjean said Wednesday there would be “negotiations with the countries concerned” over what to do with returners.

Minniti warned fighters could take advantage of the confusion and “use the human trafficking routes” to return home — raising the spectre of extremists embarking on the migrant boats which regularly head to Italy.

It meant controversial efforts currently spearheaded by Italy to close the land and sea trafficking routes which cross Africa into Libya and on across the central Mediterranean sea to Europe were “essential”, he added.

– Intelligence war –

The Seven, from Britain, Canada, France, Germany, Italy, Japan and the United States, will also tackle the hot issue of terrorism online, with analysts warning IS’s loss of territory will turn street-to-street fighting into an intelligence war.

The ministers are due to arrive Thursday afternoon at a medieval castle on the volcanic island off Naples, before retiring for an informal dinner and knuckling down to working sessions on Friday.

They are set to be joined by the EU commissioner for migration Dimitris Avramopoulos, European safety commissioner Julian King, and Juergen Stock, secretary general of the international police body Interpol.

In a G7 first, representatives from Internet giants Google, Microsoft, Facebook and Twitter will also be taking part.

by Ella IDE

MI5 boss Andrew Parker warns of ‘intense’ terror threat

October 19, 2017

BBC News

MI5 chief Andrew Parker: ‘Over 3,000 extremists in the UK’

The UK’s intelligence services are facing an “intense” challenge from terrorism, the head of MI5 has warned.

Andrew Parker said there was currently “more terrorist activity coming at us, more quickly” and that it can also be “harder to detect”.

The UK has suffered five terror attacks this year, and he said MI5 staff had been “deeply affected” by them.

He added that more than 130 Britons who travelled to Iraq and Syria to fight with so-called Islamic State had died.

MI5 was running 500 live operations involving 3,000 individuals involved in extremist activity in some way, he said.

Speaking in London, Mr Parker said the tempo of counter-terrorism operations was the highest he had seen in his 34-year career at MI5.

Twenty attacks had been foiled in the last four years, including seven in the last seven months, he said – all related to what he called Islamist extremism.

The five attacks that got through this year included a suicide bomb attack after an Ariana Grande concert at Manchester Arena in May, killing 22.

Five people were also killed in April during an attack near the Houses of Parliament, while eight people were killed when three attackers drove a van into pedestrians on London Bridge and launched a knife attack in Borough Market.

A man then drove a van into a crowd of worshippers near a mosque in north London in June, while a homemade bomb partially exploded in tube train at Parsons Green station last month, injuring 30 people.

In some cases, individuals like Khuram Butt – who was behind the London Bridge attack – were well known to MI5 and had been under investigation by the security services.

People leaving flowers in Manchester city centre one week after the Manchester Arena attack
People left flowers in Manchester city centre after the Manchester Arena attack. PA photo

Mr Parker was asked what was the point of MI5 surveillance when someone who had made “no secret of his affiliations with jihadist extremism” had then been allowed to go on to launch a deadly attack.

He said the risk from each individual was assessed on a “daily and weekly basis” and then prioritised “accordingly”.

“One of the main challenges we’ve got is that we only ever have fragments of information, and we have to try to assemble a picture of what might happen, based on those fragments.”

He said the likelihood was that when an attacked happened, it would be carried out by someone “that we know or have known” – otherwise it would mean they had been looking “in completely the wrong place”.

And he said staff at MI5 were deeply affected on a “personal and professional” level when they did happen.

“They are constantly making tough professional judgements based on fragments of intelligence; pinpricks of light against a dark and shifting canvas.”

‘Not the enemy’

Mr Parker said they were trying to “squeeze every drop of learning” from recent incidents.

In the wake of attacks in the UK, there had been some, including some in the Home Office, who questioned whether the counter-terrorist machine – featuring all three intelligence agencies and the police, and with MI5 at its heart – was functioning as effectively as previously thought.

However, there was no indication of a fundamental change in direction in his remarks, with a focus on the scale of the threat making stopping all plots impossible.

“We have to be careful that we do not find ourselves held to some kind of perfect standard of 100%, because that is not achievable,” he said.

“Attacks can sometimes accelerate from inception through planning to action in just a handful of days.

“This pace, together with the way extremists can exploit safe spaces online, can make threats harder to detect and give us a smaller window to intervene.”

Troops from the Syrian Democratic Force (SDF) marching past a ruined building in Raqqa, Syria
Many Britons still fighting in Syria and Iraq may not now return, Andrew Parker said. Reuters photo

He renewed the call for more co-operation from technology companies.

Technology was “not the enemy,” he added, but said companies had a responsibility to deal with the side effects and “dark edges” created by the products they produced.

In particular, he pointed to online purchasing of goods – such as chemicals – as well as the presence of extremist content on social media and encrypted communications.

Assassination risk

He said more than 800 individuals had left the UK for Syria and Iraq.

Some had then returned, often many years ago, and had been subject to risk assessment. Mr Parker revealed at least 130 had been killed in conflict.

Fewer than expected had returned recently, he said, adding that those who were still in Syria and Iraq may not now attempt to come back because they knew they might be arrested.

Mr Parker stressed that international co-operation remained vital and revealed there was a joint operational centre for counter-terrorism based in the Netherlands, where security service officers from a range of countries worked together and shared data.

This had led to 12 arrests in Europe, he added.

In terms of state threats, Mr Parker said the range of clandestine activity conducted by foreign states – including Russia – went from aggressive cyber-attack, through to traditional espionage and the risk of assassination of individuals.

However, he said the UK had strong defences against such activity.


Iran to blame for cyber-attack on MPs’ emails – British intelligence

October 14, 2017


Evidence points to Iran, says unpublished report, after initial suspicion of Russia and North Korea dismissed

The houses of parliamentThe emails of dozens MPs were hacked, partly as the result of weak passwords, according to a parliamentary spokesman. Photograph: Xinhua/Barcroft Images

Iran is being blamed for a cyber-attack in June on the email accounts of dozens of MPs, according to an unpublished assessment by British intelligence. Disclosure of the report, first revealed by the Times but independently verified by the Guardian, comes at an awkward juncture. Donald Trump made it clear on Friday that he wants to abandon the Iran nuclear deal. But European leaders, including Theresa May, want to retain it.

Initial suspicion for the attack fell on Russia, but this has now been discounted. The evidence amassed is pinpointing Iran, according to the assessment. A spokesperson for the National Cyber Security Centre, the government body responsible for helping to counter attacks, said: “It would be inappropriate to comment further while inquiries are ongoing.”

The cyber-attack on parliament on June 23 hit the accounts of dozens of MPs, including Theresa May, the prime minister. and senior ministers. The network affected is used by every MP for interactions with constituents.

A security source told the Guardian at the time: “It was a brute-force attack. It appears to have been state-sponsored. The nature of cyber-attacks means it is notoriously difficult to attribute an incident to a specific actor.”

MPs contacted by the Guardian said the immediate suspicion had fallen upon foreign governments such as Russia and North Korea, both of which have been accused of orchestrating previous hacking attempts in the UK. The attackers sought to gain access to accounts protected by weak passwords. The parliamentary digital services team said they had made changes to accounts to block out the hackers. A spokesman said those whose emails were compromised had used weak passwords, despite advice to the contrary.

Conservative MP Andrew Bridgen said at the time that such an attack “absolutely” could leave some people open to blackmail. “Constituents want to know the information they send to us is completely secure,” he said.

Liam Fox, the international trade secretary, connected the news to reports that cabinet ministers’ passwords were for sale online. “We know that our public services are attacked, so it is not at all surprising that there should be an attempt to hack into parliamentary emails,” he said. “And it’s a warning to everybody, whether they are in parliament or elsewhere, that they need to do everything possible to maintain their own cybersecurity.”

Encourage children to spend more time online, says former head of British Intelligence — “The country is desperately short of engineers and computer scientists, and lacks the broad ‘cyber skills’”

August 8, 2017

The Guardian

Robert Hannigan says children developing cyber skills could ‘save the country’ as UK was falling behind competitors

Image may contain: 1 person, suit
 Robert Hannigan, in 2015, when he was director of GCHQ. Photograph: Ben Birchall/PA

Parents should be encouraging their children to spend more time online in order to “save the country,” the former head of GCHQ has said.

Robert Hannigan, who was head of Britain’s surveillance agency between 2014 and 2017, said that the UK was struggling to keep up with competitors when it came to cyber skills.

He said parents should not feel guilty if teenagers spend hours of their summer holidays in front of a screen.

“The assumption that time online or in front of a screen is life wasted needs challenging,” Hannigan said. “It is driven by fear.”

The call comes days after the children’s commissioner warned parents that they should intervene to stop their children overusing social media and consuming time online “like junk food”.

In an interview with the Observer, Anne Longfield said that parents should “step up” and be proactive in stopping their children from bingeing on the internet during the summer holidays.

Writing in the Telegraph, Hannigan disagreed. “If you are spending a disproportionate amount of your holiday unsuccessfully attempting to separate your children from wifi or their digital devices, do not despair.

“Your poor parenting may be helping them and saving the country.”

The opinions come after a report said that children in all age groups are spending ever-longer periods online, according to Ofcom. Children aged five to 15 are spending 15 hours a week online.

Hannigan argues that young people need to explore the digital world just as they explore the physical world, in order to fully develop the kinds of skills both the country and they as individuals will need in the future.

He said: “This country is desperately short of engineers and computer scientists, and lacks the broad ‘cyber skills’ needed now, never mind in the next 20 years. The baseline of understanding is too low and often behind our competitors.

“If we are to capitalise on the explosion of data that will come through the ‘internet of things’, and the arrival of artificial intelligence and machine learning, we need young people who have been allowed to behave like engineers: to explore, break things and put them together.

“Arguably that is what children always did in their summer holidays. The difference today is that they will want to explore, experiment and break things digitally.”

He also said that parents should attempt to catch up and improve their own cyber skills, suggesting they buy a Raspberry Pi.

“You could build it with your children and learn at least the concept of computer coding; there are plenty of free guides on the web,” he said.

Read the rest:


Related image

Children should be allowed to explore the digital world just as they explore the physical world, says Robert Hannigan

See also:

By Ben Farmer
The Telegraph

Parents should encourage their children to spend more time online to improve their cyber skills and ‘save the country’, the former head of GCHQ declares today.

Rather than allowing youngsters to ‘mooch around on the streets’ during the holidays, it is families’ patriotic duty to encourage more screen time, according to Robert Hannigan.

Writing for the Telegraph today, the former head of the Government’s electronic spy agency, warns that Britain is struggling to keep pace with its digital rivals.

Without giving children more time to embrace and master the virtual world, the UK will fall further behind, he says.

His call comes just days after the children’s commissioner argued that children are already too attached to online devices.

Read the rest:

Russian hackers attacked UK energy networks — Russians hacked energy companies on election day, GCHQ claims

July 19, 2017

Russian hackers are thought to have attacked the UK’s national grid sparking fears that electricity supplies could be cut by cyber terrorists.

Security analysts say that a group backed by Vladimir Putin‘s Kremlin targeted the Republic of Ireland’s energy sector and tried to infiltrate control systems.

Senior engineers at the country’s Electricity Supply Board were hit with a ‘phishing’ email last month that tried to trick staff into downloading malicious software, according to The Times.

While no evidence of disruption has been uncovered, analysts fear that the hackers could have stolen sensitive information including top-secret passwords that could later be used to access systems.

Russian hackers are thought to have attacked the UK's national grid sparking fears that electricity supplies could be cut by cyber terrorists (stock photo)

Russian hackers are thought to have attacked the UK’s national grid sparking fears that electricity supplies could be cut by cyber terrorists (stock photo)

Experts said that the attackers are using Ireland to test out their cyber weaponry with the country hosting the offices of a number of major corporations including Apple and Facebook.

Some of the fake emails sent to engineers reportedly contained inside technical knowledge about the plants that the hackers were trying to access.

It is now feared that similar attack bids could be launched on other parts of the UK’s critical infrastructure.

Read more:
Follow us: @MailOnline on Twitter | DailyMail on Facebook


Russians hacked energy companies on election day, GCHQ claims

 Hackers tried to exploit ways into computer networks possibly using a similar method to the one that hit the NHS in May
Hackers tried to exploit ways into computer networks possibly using a similar method to the one that hit the NHS in May CREDIT: ALEXANDER RYUMIN 
By Cara McGoogan and 

Britain’s energy companies were hacked on the day of the General Election by computer criminals believed to have been backed by Russia.

The Government’s electronic spy agency GCHQ said in an official report sent to the energy sector that companies “are likely to have been compromised” in the wake of the attack launched on June 8.

Britain’s energy companies were hacked on the day of the General Election 
Britain’s energy companies were hacked on the day of the General Election  CREDIT: PA

The report accuses “state-sponsored hostile threat actors” of being responsible for the cyber attack, which may also have targeted water companies and the manufacturing industry.

The document does not name Russia but experts have told The Telegraph that they believe the Kremlin was behind the attack and that it targeted engineers working in power plants and in the electricity supply network.

The attempt to infiltrate Britain’s energy network and other parts of the UK’s “critical national infrastructure” is not thought to have caused any disruption.

But intelligence…

Read the rest: