GCHQ has "over-achieved" at developing state hacking tools
The organisation has developed double the offensive cyber attacks than that of criminals
A report by the Intelligence and Security Committee said GCHQ spies have "over-achieved" in the last 12 months, developing twice as many potential hacks than its targets.
The GCHQ is developing these hacking capabilities to use against criminals when they launch cyber crimes. It means the UK government is prepared to attack another country's vital infrastructure, such as their communications systems or automated weapons.
There are three stages to the GCHQ's mission, the first of which has been completed ahead of schedule according to the Intelligence and Security Committee report.
"We actually over-achieved and delivered [almost double the number of] capabilities [we were aiming for]," an official from the agency told the Committee (via the BBC).
Although much of the information has been omitted from the public version of the Committee's report, it did reveal that not all attempts to create offensive cyber-weapons were successful. For example, the Foxtrot project was designed to combat encryption, with the project described as an "equipment interference programme to increase GCHQ's ability to operate in an environment of ubiquitous encryption".
However, a lack of skills in the specific area means it hasn't been able to complete the work and needs to find better resources to help it finish the project.
Also highlighted was Project Golf, which focuses on supercomputing and enhancing the government's data analysis to help combat threats, but its development has been halted until next year.
Similarly, the MI5's Alfa project, which has been designed to manage the organisation's information, has been delayed and "significant risks" are stopping it from being completed.
The essential guide to cloud-based backup and disaster recovery
Support business continuity by building a holistic emergency planDownload now
Trends in modern data protection
A comprehensive view of the data protection landscapeDownload now
How do vulnerabilities get into software?
90% of security incidents result from exploits against defects in softwareDownload now
Delivering the future of work - now
The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.Download now