GCHQ to help firms combat cybercrime


Francis Maude: "We're looking to develop hubs so knowledge can be brought together, enabling both private and public sector to protect themselves"

Related Stories

The government plans to share tactics and technology with businesses to combat cybercrime and protect the UK's growing internet economy.

Intelligence agency GCHQ will work more closely with firms and could share its technology commercially.

The government says internet business generates about 6% of the UK's GDP - more than agriculture or utilities.

Its Cyber Strategy also encourages courts to use powers to restrict computer use by cyber criminals.

Constant attacks by cyber criminals, activists, hackers and foreign states trying to steal official and commercial secrets mean cyber-attacks are now ranked on a par with international terrorism as a threat.

'World class expertise'

The government says there are more than 20,000 malicious emails sent to its networks each month, 1,000 of which are deliberately targeted.

Ministers have set aside £650m of new money to better protect key infrastructure and defence assets from "cyber warfare".

The strategy published on Friday says that about half of that money will go to the government's listening post - GCHQ - in Cheltenham to increase its ability to fight off cyber attacks.


The new cyber strategy makes clear that an effort is required from government, industry and the public working together.

The challenge will be co-ordinating that and driving the strategy through so that it actually delivers what it promises.

Even within government, the ministerial overlaps are complex with the Foreign Office, Ministry of Defence, Department for Business Innovation and Skills as well as the Cabinet Office and others involved.

Private businesses are sometimes nervous of sharing data about cyber attacks with others for fear of the impact on customers or the help it might give competitors.

And establishing where the balance of responsibility for security lies (and therefore the cost when things go wrong) between security companies, GCHQ, government departments, ISPs, businesses and individual internet users is no easy task.

Ministers say they are also looking at ways that GCHQ's "world class expertise" in the area might be used to help businesses - for example looking at whether encryption techniques and other expertise that is not considered top secret might have commercial applications.

The government also plans a new Defence Cyber Operations Group - which will include a unit at GCHQ which will develop "new tactics, techniques and plans to deliver military effects, including enhanced security, through operations in cyberspace".

Much of the strategy focuses on improving links with the private sector on the issue of cybercrime - with "hubs" to allow information to be shared on cyber threats and a pledge to look at new ways to bring together businesses, academics and government to exploit the latest innovations in tackling the threat.

The government says the internet is a growing part of the UK economy - predicted to create 365,000 jobs over the next five years. Cabinet Office Minister Francis Maude told the BBC the aim was to "make the UK one of the most secure places in the world to do business".

"The attitude at GCHQ, the willingness to collaborate with the private sector is very clear and evident ... we're looking for ways for GCHQ to collaborate with the private sector, looking at the commercial exploitation of some of their intellectual property and capability."


Individuals will be given more help to protect themselves, amid a warning from GCHQ that 80% of successful attacks could be thwarted by following simple steps like updating anti-virus software regularly.

The strategy suggests "kitemarking" cybersecurity software to help consumers and businesses avoid "scareware" - software which purports to be helpful but is, in fact, malicious.

But the strategy also urges police, prosecutors and the courts to use existing powers to restrict and monitor computer use by convicted cyber criminals, who are considered likely to strike again online.


Protecting your computer:

  • Install anti-virus and anti-spyware software, and turn on your firewall
  • Update your operating system
  • Use up-to-date applications, such as your web browser or word processing package
  • Encrypt your wireless network
  • Block spam emails

Staying safe online:

  • Use strong passwords
  • Do not give away too much personal information on blogs and social networking sites
  • Activate privacy settings on social networking sites
  • Do not open email attachments from people you don't know

Source: Get Safe Online campaign

The Ministry of Justice and Home Office will also consider whether orders restricting internet use can be enforced using "cyber tags", software which triggers automatic warnings to the police or probation service that a suspect is breaching an order.

And all police forces will be encouraged to follow the lead of the Metropolitan Police and train "cyber specials" with expert knowledge of cybercrime.

David Clemente, a cyber security expert at Chatham House, told the BBC the government's strategy was a "promising step" - but it would be a challenge to deliver the dozens of actions listed when government spending is so tight.

Earlier this month, Iain Lobban, the head of GCHQ, told a cyber security conference in London that a "significant" attempt was made to target the computer systems of the Foreign Office and other government departments over the summer.

Baroness Neville-Jones, the PM's special representative to business on cybersecurity, said Russia and China - who both attended the conference - were some of the worst culprits involved in cyber-attacks.

Foreign Secretary William Hague has said cyber-attacks could become a major threat to the country's economic welfare and its national infrastructure, such as electricity grids.


More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites


This entry is now closed for comments

Jump to comments pagination
  • rate this

    Comment number 127.


    To address the problem of Chinese/Russian/USA attacks on our security means identifying how they are doing it. The Duqu and Stuxnet worms are both using Microsoft holes to do their damage. The IT nuts are the only ones who can prevent this - people like myself who have been involved in computer security for the last 40 years.

  • rate this

    Comment number 126.

    "125.Dancin Pagan The Mad Kiltie
    Let's hope Hilary isn't reading this forum!!"

    No worries, she'll still be looking for the 'on' switch ;-)

  • rate this

    Comment number 125.

    89Bill Walker
    Most security agencies would like data to be fairly secure, but not so secure that they can't listen in to it, with the supercomputers primed to react to "keywords". That's why, when Bill Clinton was president, when I was chatting on line to a mate about the football fixtures, I didn't type "We're going to murder Chelsea this weekend"
    Let's hope Hilary isn't reading this forum!!

  • rate this

    Comment number 124.

    112.nieuw divil
    18 Minutes ago
    Yet again another HYS thread has been hijacked by left wing ranters foaming at the mouth and attacking any gov't initiative just to indulge in a spot of tory bashing.

    If the Internet had been an invention of CCCP, it would have been hailed as a great boon for the masses but reserved for the very select few.

  • rate this

    Comment number 123.

    Well all the IT nuts are going into overdrive this afternoon...Linux this...server that....people in shadows...it reads like the script of The Matrix....with a gay dating website thrown in for kicks!

    Entirely missing the point that the Russians and Chinese are bombarding UK interests with cyber attacks and we'd better do something about it as their intentions are not friendly.

    Grow up!

  • rate this

    Comment number 122.

    I'd prefer they spent their time fixing the terrible characters-remaining feature that regularly jumps from 280 to 28 to (blank) and to heaven knows what.

    With regards to personal details security for Joe Bloggs - it'll never happen while Facebook, Google+ and the like exist.

  • rate this

    Comment number 121.

    About time too !

    Has anyone guessed at the cost of losing the HMRC data discs four years ago ? I reckon £11 million just to tell us they had been lost.

    And the Driving Test details ? And the Top Secret brief case left on a train ? And... And...

    Wasted taxpayer or consumer money.

    Not to mention the News of the World saga.

    Makes the losers look incredibly stupid if you ask me.

  • rate this

    Comment number 120.

    Can I suggest you google 'cyberprotect' . This product adressess all the key issues regarding cyber theft/data leakage etc

  • rate this

    Comment number 119.

    E-mail encryption should always have been integrated into e-mail client software. It wasn’t because of the spooks in the USA preventing it.

    Take control of your own security people and start using e-mail encryption, proxy servers and consider supporting the Tor project. Don’t let those who frequent the shadows know your every thought.

  • rate this

    Comment number 118.


    I must be doing something wrong - my results were the facebook page of a rather large gentleman, a locksmith and a gay dating website !!"

    Oops, sorry, I've done the search before and google remembered it! This as a good one..


  • rate this

    Comment number 117.

    As an off-topic why don't the Beeb add paging at the top of this board as well as at the bottom?
    Easy to do with linux php/sql and helpful when it changes from earliest first to latest first.
    Until we change from teaching proprietary software to open software we will be locked in to a mediocre system.

  • rate this

    Comment number 116.

    Protecting information, even the information that is on or passes through IT systems, requires considering not only the technical threats but also the physical and people related aspects that could be exploited. Focusing solely on the technology will leave gaps that can be compromised. The new group must consider the overall picture not just one aspect. This is not just for IT techies.

  • rate this

    Comment number 115.

    My email name and security was broken into I havent used my laptop for any kind of finance so I am glad but I did have loyds saying they have canceled my account and I have never been with loyds also barcleys now my email is messed up.More should be done plus tougher sentences

  • rate this

    Comment number 114.

    It's all a question of risk and impact surely? No need to get overly uptight. Just the same as protecting your home.

  • rate this

    Comment number 113.

    The best security for public or private sector businesses is physical - do not have vulnerable or sensative data on a network that has any form of connection to the internet. You then only have to police what people bring to and from the system. With many cases reported in the media of data being left on usb sticks/laptops on the train: Why were they on there? They shouldn't leave the office.

  • Comment number 112.

    This comment was removed because the moderators found it broke the house rules. Explain.

  • rate this

    Comment number 111.

    103.Ex Tory Voter
    'Google "HRGary". If that's the quality of all private companies, we really should be panicking!'


    I must be doing something wrong - my results were the facebook page of a rather large gentleman, a locksmith and a gay dating website !!

    Which one is relevant ?

  • rate this

    Comment number 110.

    Server licensing? "

    Who said anything about server licensing? (Still free with Linux though, all you need is the hardware).

    I can't help but wonder if you have read the whole article I linked to?

    Training is a non-issue, using Ubuntu with Gnome gives a UI *very* similar to Windows.

  • rate this

    Comment number 109.

    @98nieuw divil

    Thanks ND. your posts always make laugh. It's a bit of a slow Friday and I was getting a bit bored, I read your post and it made me LOL.

    I still haven't decided if ND is a fictional character, there's a comedy show in there just waiting to happen, perhaps Ricky Gervais will take it on.

  • rate this

    Comment number 108.

    If you check the supercomputer operating system figures you will find that linux has overtaken unix in use. More than 90% of supercomputers - those used by academic/security/international finance/government agencies are using linux as are most of the servers bringing this board to you. They may be tailored versions of linux but that is its strength - with open source it is not difficult to produce


Page 2 of 8


More Politics stories



BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.