Saturday, February 15, 2020

NCF - National Cyber Force

.
National Cyber Force | Protecting Defence’s Most Contested Domain - Forces > .
23-8-23 MI6 - History; (Vauxhall Pleasure Gardens) SIS Building - B1M > .
Security 


23-8-31 Infamous Chisel . MoD .

The National Cyber Force (NCF) is a result of the consolidation of offensive cyber activity in the United Kingdom, dedicated to offensive action to combat security threats, hostile states, terror groups, extremism, hackers, disinformation and election interference. The specialist unit is a joint initiative between the Ministry of Defence (MOD) and GCHQ, the British intelligence agency, due to launch in spring 2020. Its headquarters will be based in an as-yet determined location in the North-West of England as part of a new 'cyber corridor'.

The NCF draws together personnel from intelligence, cyber and security agency GCHQ, the MoD, the Secret Intelligence Service (MI6) and the Defence Science and Technology Laboratory (DSTL) under one unified command for the first time. Alongside MoD’s operational expertise, DSTL’s scientific and technical capabilities and GCHQ’s global intelligence, SIS (MI6) provides its expertise in recruiting and running agents alongside its unique ability to deliver clandestine operational technology.

Used alongside diplomatic, economic, political and military capabilities, examples of cyber operations could include:
  • interfering with a mobile phone to prevent a terrorist from being able to communicate with their contacts;
  • helping to prevent the internet from being used as a global platform for serious crimes, including sexual abuse of children and fraud; and
  • keeping UK military aircraft safe from targeting by hostile weapons systems.
Government Communications Headquarters, commonly known as GCHQ, is an intelligence and security organisation responsible for providing signals intelligence (SIGINT) and information assurance to the government and armed forces of the United Kingdom. Based in "The Doughnut" in the suburbs of Cheltenham, GCHQ is the responsibility of the country's Secretary of State for Foreign and Commonwealth Affairs, but it is not a part of the Foreign Office and its Director ranks as a Permanent Secretary.

GCHQ was originally established after the WW1 as the Government Code and Cypher School (GC&CS) and was known under that name until 1946. During WW2 it was located at Bletchley Park, where it was responsible for breaking the German Enigma codes. There are two main components of the GCHQ, the Composite Signals Organisation (CSO), which is responsible for gathering information, and the National Cyber Security Centre (NCSC), which is responsible for securing the UK's own communications. The Joint Technical Language Service (JTLS) is a small department and cross-government resource responsible for mainly technical language support and translation and interpreting services across government departments. It is co-located with GCHQ for administrative purposes.

The National Cyber Security Centre (NCSC) is an organisation of the United Kingdom Government that provides advice and support for the public and private sector in how to avoid computer security threats. Based in London, it became operational in October 2016, and its parent organisation is GCHQ

The NCSC absorbed and replaced CESG (the information security arm of GCHQ), the Centre for Cyber Assessment (CCA), Computer Emergency Response Team UK (CERT UK) and the cyber-related responsibilities of the Centre for the Protection of National Infrastructure (CPNI). It built on earlier efforts of these organisations and the Cabinet Office to provide guidance on Information Assurance to the UK's wider private sector, such as the "10 Steps" guidance released in January 2015. In pre-launch announcements, the UK government stated that the NCSC would first work with the Bank of England to advise financial institutions on how to bolster online defences. The centre was first announced in November 2015 by the Chancellor of the Exchequer, George Osborne. The existing Director General Cyber of GCHQ, Ciaran Martin, leads the new centre, and GCHQ's current Technical Director of Cyber Security, Dr Ian Levy, assumed the same role at the NCSC. ... In April 2016, the Ministry of Defence announced that a Cyber Security Operations Centre (CSOC) "to protect the MOD's cyberspace from malicious actors" with a budget of over £40 million will contribute to this initiative. It is located at MoD Corsham.

GCHQ Bude, also known as GCHQ Composite Signals Organisation Station Morwenstow, abbreviated to GCHQ CSO Morwenstow, is a UK Government satellite ground station and eavesdropping centre located on the north Cornwall coast at Cleave Camp, between the small villages of Morwenstow and Coombe. It is operated by the British signals intelligence service, officially known as the Government Communications Headquarters, commonly abbreviated GCHQ. It is located on part of the site of the former WW2 airfield, RAF Cleave.

Around £76m will be invested in the NCF in its first year. It will operate alongside the National Cyber Security Centre (NCSC), which primarily concentrates on defensive cyber activities to protect government departments, strategic infrastructure and industry.

An April 2021 report produced by academics from King's College London and the Offensive Cyber Working Group has produced a set of recommendations for the NCF, with an aim to increase public debate on offensive cyber in the UK.

Plans for the unit were reported in the media in September 2018. It has since been reported to have been delayed because of "distractions caused by uncertainties over Brexit and frequent changes of ministers and secretaries of state in the MoD" and turf wars between the MOD and GCHQ.

In 2013, GCHQ received considerable media attention when the former National Security Agency contractor Edward Snowden revealed that the agency was in the process of collecting all online and telephone data in the UK via the Tempora programme. Tempora is the codeword for a formerly-secret computer system that is used by the British Government Communications Headquarters (GCHQ). This system is used to buffer most Internet communications that are extracted from fibre-optic cables, so these can be processed and searched at a later time. It was tested since 2008 and became operational in late 2011.

Tempora uses intercepts on the fibre-optic cables that serve as the backbone of the Internet to gain access to large amounts of Internet users' personal data, without any individual suspicion or targeting. The intercepts are placed in the United Kingdom and overseas, with the knowledge of companies owning either the cables or landing stations.

The existence of Tempora was revealed by Edward Snowden, a former American intelligence contractor who leaked information about the program to former Guardian journalist Glenn Greenwald in May 2013 as part of his revelations of government-sponsored mass surveillance programs. Documents Snowden acquired showed that data collected by the Tempora program is shared with the National Security Agency of the United States.

Snowden's revelations began a spate of ongoing disclosures of global surveillance. The Guardian newspaper was then forced to destroy all incriminating files given to them by Snowden because of the threats of lawsuits from the UK Government.

USA

United States Cyber Command (USCYBERCOM) is one of the eleven unified combatant commands of the United States Department of Defense (DoD). It unifies the direction of cyberspace operations, strengthens DoD cyberspace capabilities, and integrates and bolsters DoD's cyber expertise.

USCYBERCOM was created in mid-2009 at the National Security Agency (NSA) headquarters in Fort George G. Meade, Maryland. It cooperates with NSA networks and has been concurrently headed by the director of the National Security Agency since its inception. While originally created with a defensive mission in mind, it has increasingly been viewed as an offensive force. On 18 August 2017, it was announced that USCYBERCOM would be elevated to the status of a full and independent unified combatant command. This elevation occurred on 4 May 2018.

The US and UK are joining forces to "impose consequences" on their shared adversaries who conduct malicious cyber-activities. The combined action would address "evolving threats with a full range of capabilities", they said. The shared adversaries were not named but the announcement follows increasing concern over Russia-based ransomware. The plan was discussed last week at an annual meeting of intelligence chiefs, in the US.

Gen Sir Patrick Sanders and Government Communications Headquarters (GCHQ) director Sir Jeremy Fleming and US Cyber Command head Gen Paul Nakasone "reaffirmed" their commitment to jointly disrupt and deter new and emerging cyber-threats.

As democratic nations, the two countries were committed to carrying out proportionate and necessary operations within the law. The US and UK are stepping up efforts to strike back in cyber-space - or at least they are becoming more public about it. They are also making clear the long-standing intelligence partnership is translated into offensive operations online. The US strategy of "persistent engagement" means contesting foreign adversaries day-to-day in cyber-space to try to make it harder for them to operate.

The UK does not use the same language but, with the launch of the National Cyber Force, it has signalled it is doing the same - trying to knock out ransomware groups' infrastructure, for example, or make it harder for foreign intelligence agencies to carry out espionage or more destructive attacks. 

The talk is of "imposing consequences" - but there are still big questions about whether these actions are having a significant effect on opponents who play by different rules or deterring those adversaries from continuing their actions.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

sī vīs pācem, parā bellum

igitur quī dēsīderat pācem praeparet bellum    therefore, he who desires peace, let him prepare for war sī vīs pācem, parā bellum if you wan...