GCHQ and MoD to form £250m ‘joint cyber-force’

GCHQ will create an offensive cyber unit to fight the growing wave of national security threats Britain faces from around the world.

A partnership between the Ministry of Defence (Mod) and the UK's intelligence organisation will see the government committing more than 250 million with 2,000 individuals deployed to orchestrate offensive actions.

According to The Times, the rising cyber threat from nations such as Russia and Iran, as well as terrorist groups like ISIS, will see experts brought in from the military, security services, and the cyber security industry.

"The MoD and GCHQ have a long and proud history of working together," a government spokesperson told IT Pro. "We are both committed to continuing to invest in this area, given the real threats the UK faces."

The new force, expected to be announced soon, will represent a step change in cyber strategy from a more defensive outlook to an offensive one. Targets on the list include rogue nations, extremist groups, and people-traffickers as well as paedophile rings.

The formation of this unit follows a review ordered by defence secretary Gavin Williamson, and has been given the working name "joint cyber-force". It'll see a quadrupling in manpower allocated towards offensive actions - and comes just five months after GCHQ revealed it had conducted its first successful cyber attack on ISIS.

In his first speech as GCHQ director in April, Jeremy Fleming confirmed the massive offensive action which was orchestrated last year systematically degraded the extremist group's online infrastructure.

"Daesh's ability to inspire, direct and enable attacks, and the simple tactics they use make stopping attacks much, much harder," Fleming said. "But the UK's CT team - led by MI5 and the Police, supported by GCHQ, MI6 and the Military - is evolving fast to match this threat."

He continued: "These operations have made a significant contribution to coalition efforts to suppress Daesh propaganda, hindered their ability to coordinate attacks, and protected coalition forces on the battlefield.

"But cyber is only one part of the wider international response. This is the first time the UK has systematically and persistently degraded an adversary's online efforts as part of a wider military campaign. Did it work? I think it did."

The threat faced by nations such as Russia not only manifest as incidents such as the Salisbury poisoning but a number of aggressive cyber events like the alleged hacking of the 2016 US presidential election.

The nation has also been accused of polluting public discourse in the West after research last month revealed the rise in anti-vaxx conspiracy theories circulating online can be pinned on Russian-originating botnets.

Unlike conventional botnets, used to spread malware, these networks served as 'content polluters' to disseminate fake news and erode public trust in the scientific establishment.

"This announcement highlights the growing need for more cyber-savvy workers in the UK, to secure our future at a national, organisational and personal level," said CEO of Cyber Security Challenge UK Colin Lobley.

"While many people are still unsure of what a career in cyber security would look like, the reality is that many of these jobs require similar skills and knowledge to more known careers.

"For example, we need architects to build secure networks, lawyers to process cybercrime cases, psychologists to assess how human behaviour influences security, as well as military roles to act against national threats."

IT Pro approached GCHQ for comment but did not get a response at the time of writing.