GCHQ has "over-achieved" at developing state hacking tools
The organisation has developed double the offensive cyber attacks than that of criminals
A report by the Intelligence and Security Committee said GCHQ spies have "over-achieved" in the last 12 months, developing twice as many potential hacks than its targets.
The GCHQ is developing these hacking capabilities to use against criminals when they launch cyber crimes. It means the UK government is prepared to attack another country's vital infrastructure, such as their communications systems or automated weapons.
There are three stages to the GCHQ's mission, the first of which has been completed ahead of schedule according to the Intelligence and Security Committee report.
"We actually over-achieved and delivered [almost double the number of] capabilities [we were aiming for]," an official from the agency told the Committee (via the BBC).
Although much of the information has been omitted from the public version of the Committee's report, it did reveal that not all attempts to create offensive cyber-weapons were successful. For example, the Foxtrot project was designed to combat encryption, with the project described as an "equipment interference programme to increase GCHQ's ability to operate in an environment of ubiquitous encryption".
However, a lack of skills in the specific area means it hasn't been able to complete the work and needs to find better resources to help it finish the project.
Also highlighted was Project Golf, which focuses on supercomputing and enhancing the government's data analysis to help combat threats, but its development has been halted until next year.
Similarly, the MI5's Alfa project, which has been designed to manage the organisation's information, has been delayed and "significant risks" are stopping it from being completed.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now