Former GCHQ intern risked national security after taking home top secret data

A former GCHQ intern has pleaded guilty to transferring data from a top-secret computer onto his work phone.

Hassaan Arshad, who was arrested in 2022, is alleged to have downloaded the stolen data onto a hard drive connected to a personal computer. He pleaded guilty to a charge under Section 3ZA of the Computer Misuse Act 1990, which relates to "unauthorised acts causing, or creating risk of, serious damage".

Areas and equipment labeled "top secret" within GCHQ house the government's most sensitive data. Information compromised here might cause a threat to life and/or the economic security of allied countries.

The case raises many questions about the highest level of the UK's national security and is a stark reminder of the vulnerability that mobile phones can create.

As Jake Moore, global cybersecurity advisor at ESET, puts it, the most serious data breaches often don't come from outsiders; they can simply stem from internal errors, poor controls, or invisible insider threats.

Moore previously worked for the Digital Forensics Unit and Cyber Crime Teams in the Dorset Police force, and spent 14 years investigating computer crime. He said the GCHQ case is another reminder of how easily sensitive data can fall into the wrong hands without robust preventative measures.

"Organizations need to remember to implement strict access controls such as locking down removable media and ensuring that only those with direct operational needs have access to sensitive areas," Moore said.

"Businesses also need to think about reducing the risk of mobile devices being used to capture sensitive data. It is worrying that personal devices were not banned from certain areas, but when phones are required, it can be effective to deploy Mobile Device Management (MDM) tools to limit device capabilities in high-risk zones, such as removing the use of the cameras."

When and where we use our phones has always been a big concern for security teams. Devices with electronic signals are often completely barred from high-level institutions, such as the CIA.

In the fallout of the Signal leak, where a journalist was inadvertently added to a classified conversation about an impending air attack in Yemen, the focus has mainly been on the use of the chat app.

However, as former CIA official William D. Murray pointed out, why was the director of the CIA using a mobile phone in the headquarters of the CIA?

MORE FROM ITPRO

• Nearly half of security practitioners told to ‘keep data breaches under wraps’
• Businesses must get better at sharing cyber information, urges former GCHQ chief
• Nearly half of EMEA data breaches were due to internal blunders