Guernsey Press

China poses ‘genuine and increasing’ cyber risk to UK, GCHQ chief warns

Anne Keast-Butler said China has an ‘advanced set of cyber capabilities’, and also has commercial hacking outfits and data brokers at its disposal.

Published
Last updated

The “irresponsible actions” of Chinese state-backed hackers are making the internet less secure for the world, a British spy chief warned.

GCHQ director Anne Keast-Butler said responding to the “coercive and destabilising actions” of the People’s Republic of China (PRC) was her “top priority”.

She also highlighted the “immediate threats” posed by Russia and Iran, carrying out actions ranging from cyber attacks, espionage and surveillance.

In a speech at the Cyber UK conference in Birmingham, she said: “Through their coercive and destabilising actions, the PRC poses a significant risk to international norms and values.

“In cyberspace, we believe that the PRC’s irresponsible actions weaken the security of the internet for all.

“China has built an advanced set of cyber capabilities, and is taking advantage of a growing commercial ecosystem of hacking outfits and data brokers at its disposal.

“China poses a genuine and increasing cyber risk to the UK.”

China wanted to shape global technology standards and assert its dominance in the field within the next 10 to 15 years, she said.

The UK was working with its Five Eyes intelligence allies – the US, Canada, Australia and New Zealand – on the challenges, she said.

First female director of GCHQ appointed
GCHQ chief Anne Keast-Butler warned about the risks from China, Russia and Iran (GCHQ/PA)

On Russia, the GCHQ chief said there were “growing links” between Vladimir Putin’s intelligence services and proxy groups to conduct “cyber attacks, as well as suspected physical surveillance and sabotage operations”.

Previously, Russia “simply created the right environment” for these groups, but it was now “nurturing and inspiring these non-state cyber actors, in some cases seemingly co-ordinating physical attacks against the West”.

The threat from Russia was “acute and globally pervasive”, Ms Keast-Butler warned.

She said GCHQ continued to strengthen Ukraine’s cyber capabilities and shared vital intelligence to expose “Putin’s malign plans” and reliance on states including China, North Korea and Iran.

She said Iran was also “aggressive in cyberspace” and “actors associated with the state had been implicated in attacks against victims in many countries”.

Tehran was continuing to develop cyber espionage expertise alongside “disruptive and destructive” capabilities.

“Whilst they might not always use the most advanced capabilities to conduct their operations, they should not be underestimated,” she added.

She said: “The Chinese authorities have introduced a new law requiring the discovery of security vulnerabilities to be provided to the government as a priority and at risk of severe penalty. This should worry all of us.”

She said the UK, US and allies had warned about the activity of the Volt Typhoon cyber group “which could be laying the groundwork for disruptive and destructive cyber attacks”.

“This is a clear warning about China’s intent to hold essential networks at risk,” she said.

“And it is a warning that providers of essential services in the UK cannot afford to ignore.”

Harry Coker, the White House’s national cyber director, said China’s People’s Liberation Army (PLA) “has invested tremendous resources in building up their cyber programme” and was intent on embedding capabilities in foreign states’ civilian infrastructure to “wreak havoc” at a time of crisis.

“The US government has already identified and disrupted the PLA’s efforts to pre-position on our critical infrastructure networks and we are going to keep pushing back,” he said.

Sorry, we are not accepting comments on this article.