As the threat of cyber warfare looms larger and larger on the horizon, GCHQ has revealed the extent to which it has armed the UK with offensive cyber capabilities.
According to the Government Communications Headquarters, the UK now has twice the power to deliver cyberattacks than it did prior to 2014, now wielding the ability to deliver devastating infrastructure attacks.
GCHQ said to the Intelligence and Security Committee that is has “actually over-achieved and delivered almost double the number of capabilities we were aiming for… It is the full spectrum of capabilities from tactical stuff… right through to what we would say is the high end of counter state offensive cyber capabilities.”
This revelation comes amid growing concern regarding the cyber and real world threat posed by North Korea, the state blamed by the UK government and now the United States government for the WannaCry attack that debilitated the NHS.
The news has also arrived well-timed with the announcement that NATO is set to discuss the guidelines regarding the use of cyberattacks for engaging the enemy. Britain, the United States, Germany and Spain will consider taking an offensive approach to cybersecurity, rather than simply deflecting attacks.
Cyberattacks are still fresh in the memory of the UK government itself, with an attack earlier this year targeting the email accounts of MPs. While part of the blame was attributed to weak passwords, suspicions were also raised to the potential that the attack had nation-state origins.
While the prospect of nation-state driven attacks that intend to influence democratic processes are troubling, attacks on infrastructure are far more concerning. The Ukraine has been a frequent target of major cyberattacks on elements of critical infrastructure like power grids, with attacks leaving people without power for extended periods of time on more than one occasion.