Infosec 2015: Power, money and propaganda are main aims of cyberattacks, says GCHQ chief

Spook avoids talk of Snooper’s Charter

GCHQ's cyber security chief warned that the nation's businesses are at risk of being attacked by criminals and terrorists whose main motivations are money, power and propaganda.

Giving a keynote speech at the Infosec conference held in London this week, the intelligence agency's Director General for Cyber Security, Ciaran Martin, said that organisations should take their lead from GCHQ and render them as "irrelevant as possible".

He said that in the last 10 years, the security industry has moved from talking about "what might happen" to what is now happening on a daily basis". He told delegates that it had fallen to the agency to be the UK's "top scarer". He explained that the three main motives in cyber-attacks were money, power and propaganda - particularly as intellectual property and corporate reputation gain increasing importance to organisations.

"We're genuinely surprised at the variety of UK organisations that can been subject to intrusion," he said. He urged firms to think about what would make them "attractive as a target" to criminals as a good way of approaching IT security.

Martin said that organisations faced too many incidents to be concerned about "stopping attacks everywhere" and now the main aim in IT security was to protect "what you care about most".

But the UK market, despite increased awareness of attacks, displayed a "relative immaturity of norms and practices", even in supposedly secure institutions, said Martin. He hoped that new GCHQ standards would prevent the sorts of attacks that wiped bank drives in Asia and affected a Saudi Arabian oil firm in 2012.

Martin distanced his agency from the controversial allegations that it conducted mass surveillance of British citizens and said that GCHQ's powers were "strictly circumscribed" and "needed clear justifications as laid down by parliament".

When questioned on the upcoming Investigatory Powers Bill, or 'Snooper's Charter', that the government plans to enact, Martin refused to give an answer but added that the agency's roles only worked "because we have an intelligence capability".

"If we want to protect the UK from the darkest reaches of cyberspace, we have to know how it all works."

Featured Resources

Defeating ransomware with unified security from WatchGuard

How SMBs can defend against the onslaught of ransomware attacks

Free download

The IT expert’s guide to AI and content management

How artificial intelligence and machine learning could be critical to your business

Free download

The path to CX excellence

Four stages to thrive in the experience economy

Free download

Becoming an experience-based business

Your blueprint for a strong digital foundation

Free download

Recommended

Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021
61% of organizations say improving security a top priority for 2021
cyber security

61% of organizations say improving security a top priority for 2021

29 Jun 2021
ProtectedBy.AI’s CodeLock blocks malware at source code level
software as a service (SaaS)

ProtectedBy.AI’s CodeLock blocks malware at source code level

9 Jun 2021

Most Popular

What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Citrix mulling potential sale after tumultuous 2021
mergers and acquisitions

Citrix mulling potential sale after tumultuous 2021

15 Sep 2021
Hackers develop Linux port of Cobalt Strike for new attacks
Security

Hackers develop Linux port of Cobalt Strike for new attacks

14 Sep 2021