Hackers working for the UK’s National Cyber Force (NCF) made hundreds of thousands of stolen credit cards worthless to criminals, according to the head of GCHQ, Sir Jeremy Fleming.
The operation meant “tens of millions of pounds in potential fraud” against the British economy were avoided, the spy chief told the Cyber UK conference in Newport.
Ministry of Defence and GCHQ operatives have “mounted operations to undermine [criminals’] networks, and prevent them from profiting from their crimes as well as denying them access to their cyber tools and malware,” he said.
“Through the NCF we are actively undermining the cybercriminals’ assumption that they can act with impunity on the internet. We have disrupted criminals, making it clear that they are being observed, and going after their ability to profit from illegal activities,” he said in a rare reference to operational activities.
Perhaps the most significant of the attacks on Ukraine took place on the same day that Russia’s armed forces poured into the country, when wiper malware inside Viasat customers’ satellite broadband routers was detonated, rendering them effectively useless.
The attack had considerable spillover, affecting 5,800 wind turbines in Germany operated by Enercon that used Viasat for remote monitoring and control.
Western officials have not formally blamed Russia for this attack although they have accused the Russian Main Intelligence Directorate (GRU) of cyber attacks targeting the financial sector in Ukraine.
The war in Ukraine is “at the front of all of our minds,” Sir Jeremy told the conference, adding: “The suffering and broader humanitarian effects are terrible as we see the implications of indiscriminate warfare and [Russian President Vladimir] Putin’s miscalculations play out on the battlefield.”
Sir Jeremy added: “It is already a remarkable feature of this war just how much information about the behaviours and tactics of the Russian forces are out in the public domain.
“And how much intelligence has been released by Western Allies to challenge and get ahead of Putin’s actions,” the intelligence chief added.
“This is modern warfare influenced and shaped by the democratisation of information. And thankfully, the Ukrainians are excelling at it – we’re proud to be playing our part in supporting their efforts,” he said.
In a speech in Australia last month Sir Jeremy revealed declassified intelligence exposing Russian military failings: “We’ve seen Russian soldiers – short of weapons and morale – refusing to carry out orders, sabotaging their own equipment and even accidentally shooting down their own aircraft.”
On Tuesday he added: “Perhaps, the concept of a ‘cyber war’ was over-hyped. But, there’s plenty of cyber about, including a range of activity we and partners have attributed to Russia. We’ve seen what looks like some spill over of activity affecting other countries.
“And we’ve seen indications that Russia’s cyber operatives continue to look for targets in countries that oppose their actions.
“That’s why we have increased our efforts to ensure UK businesses and government urgently improve levels of cyber resilience. And why, with our allies, we will continue to support Ukraine in shoring up their cyber defences.”