UK military used malware to disrupt extremist networks

Experts cite WannaCry with warnings that hacking tools have the potential for severe collateral damage

Military operative on a remote computer

Using malware as a deterrent, disrupting extremist networks and remotely disabling devices are just some of the ways the UK is fighting on the cyber front lines, the head of the country's strategic command has revealed. 

General Sir Patrick Sanders discussed the UK's cyber offensive capabilities on the Sky News podcast Into The Grey Zone, which also featured insight from Jeremy Fleming, the director of GCHQ.

The key theme of the discussion was the Islamic State (Isis) with Sanders speaking in detail about the cyber offensive strategies used against the organisation. Along with the US and other allies, visible military tech has been deployed against Isis, such as warplanes and drones, but there has also been a more covert use of online attacks.

The UK's military has previously suggested the use of 'cyber offensives', but this is the first time it has publicly discussed it. 

"I think it sends a really strong signal that we and our allies were not going to leave cyberspace as an uncontested place," Fleming said to Sky News.

"We have to defend it. We have to make sure it's as secure as possible. We have to make sure that it is still underpinning our commerce, our economy, our society and our communities. But equally, when adversaries like Daesh (Islamic State) overstep the line, then they need to expect us to contest it, too."

As part of its cyber campaign, the UK military targeted mobile phones and laptops, devices that Isis extremists used to communicate with their contacts on the ground. The attacks were thought to be successful by stopping senior Isis officers from sending instructions, altering the content of the messages and confusing ground troops. In some cases, the attacks lead foot soldiers into the path of UK and allied troops. 

The UK also launched malware against computer servers in various countries around the world to shut down Isis accounts, delete and distort information on their files, and also to remove online posts and videos. It is thought that US cyber operators were also involved in these efforts.

Related Resource

Ransomware report

The global state of the channel

Global state of the channel - ransomware report from DattoDownload now

The 'Friendly' use of malware by the UK military should come as no surprise to anyone, according to Chris Sedgwick, director of security operations at Sy4 Security.  

"The files Edward Snowden released in 2013 highlight the immense capability that GCHQ and other countries within Five Eyes have in relation to hacking personal devices and access to our sensitive data," Sedgwick told IT Pro. "Since then the UK Military has established "77th Brigade" which aims to tackle online disinformation. However, the launching of actual malware should follow very clear legal frameworks and justifications much the same as a physical military attack." Similarly, malware attacks have the potential for severe collateral damage, according to Mike Beck, global CISO for Darktrace. "We saw how malware can bleed from initial targets to cause widespread destruction with WannaCry, NotPetya, and Stuxnet" Beck explained. "Cyber conflict is asymmetrical and it is much easier to attack than to defend. The rules of conventional warfare do not apply to cyber and states must strive for good defence, not just good offence."

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Security best practices for PostgreSQL

Securing data with PostgreSQL

Download now

Transform your MSP business into a money-making machine

Benefits and challenges of a recurring revenue model

Download now

The care and feeding of cloud

How to support cloud infrastructure post-migration

Watch now

Recommended

What is cyber warfare?
Security

What is cyber warfare?

23 Mar 2021
Weakness in Mamba ransomware could help recover data
ransomware

Weakness in Mamba ransomware could help recover data

26 Mar 2021
Invoice ZLoader campaign hides within encrypted Excel docs
malware

Invoice ZLoader campaign hides within encrypted Excel docs

8 Mar 2021
MacBook users warned against EvilQuest ransomware
ransomware

MacBook users warned against EvilQuest ransomware

19 Feb 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
Data belonging to 500 million LinkedIn users found for sale on hacker marketplace
hacking

Data belonging to 500 million LinkedIn users found for sale on hacker marketplace

8 Apr 2021
Hackers are using fake messages to break into WhatsApp accounts
instant messaging (IM)

Hackers are using fake messages to break into WhatsApp accounts

8 Apr 2021