Westend61/Getty Images When you replace your old but still functional Windows PC with a shiny new model, you have several options for that gently used device. You can give it away to a friend or family member. You can donate it to a charitable organization like Goodwill (which partners with Dell Reconnect). You can even […] More

A joint operation involving intelligence agency GCHQ and the Ministry of Defence took direct action against computer networks used by cyber criminals, helping to protect people against cyberattacks and also making hundreds of thousands of stolen credit cards worthless to the crooks who stole them.The action by the National Cyber Force – using the combined resources of the MoD and GCHQ – has been revealed by Jeremy Fleming, director of GCHQ. “Through the National Cyber Force, we are actively undermining the cyber criminals’ assumption that they can act with impunity on the internet. We have disrupted criminals, making it clear that they are being observed, and going after their ability to profit from their illegal work,” he said, speaking at the National Cyber Security Centre’s (NCSC) Cyber UK event in Newport, Wales. 

ZDNet Recommends

Fleming described how the NCF – which was first announced in 2020 and received an official home in 2021 – is working alongside international partners to actively mount operations to “undermine” the networks of cyber criminals, denying them access to malware and other offensive cyber tools and preventing malicious hackers from profiting from cybercrime – all to help protect citizens from falling victim to cyberattacks and fraud. SEE: My stolen credit card details were used 4,500 miles away. I tried to find out how it happened”In real life this means: tens of millions of pounds in potential fraud against the UK economy avoided. Hundreds of thousands of stolen credit cards made worthless to the criminals, and countless potential victims of crime around the world with their data and accounts safeguarded,” said Fleming. He did not detail how this was done.”The NCF is already making a big impact. From countering disinformation, to supporting the activities of our military overseas, and to helping law enforcement to go after criminal gangs, it is improving the UK’s defences and it’s imposing a cost on our adversaries,” he added.The active operations of the NCF forms just one part of a national cybersecurity strategy designed to help protect people, organisations and infrastructure from cyberattacks.  Another key aspect of that approach detailed by the intelligence agency chief is the importance of cybersecurity skills, along with finding and training people from a diverse range of backgrounds to draw on their own experiences to help keep the UK stay safe from cyber criminals – and other hostile cyber threats. “The talent in the community today is huge. But if the UK wants to continue to be successful, we need to widen the appeal of careers in cyber,” said Fleming. “Together, we must work to attract the next generation of talent from as diverse a pool as possible, from right across the country. The range of lived experiences this will bring into the workforce will make us collectively better,” he added. Concluding his speech, Fleming emphasized the importance of cybersecurity and protecting against all manner of threats that the UK and much of the wider world looks set to face in the coming years. “The global shifts we are seeing will take decades to resolve. And while I can’t predict how things will turn out, I can confidently say that cyber and cybersecurity will continue to be pivotal,” he said. MORE ON CYBERSECURITY More

Toshiba/ZDNETBuying a big-screen TV to upgrade your living room or home theater doesn’t have to cost a fortune. Right now at Best Buy, you can pick up the 75-inch Toshiba C350 More

It’s vital that all countries follow international rules and norms if deploying cyber weapons, but some nation states aren’t being responsible when it comes to how they use cyber powers, some of the UK’s top intelligence and cyber chiefs have warned.
In a rare joint appearance in public at Chatham House, Jeremy Fleming, director of GCHQ, the UK’s intelligence and security organisation, and General Sir Patrick Sanders, commander of UK Strategic Command, which leads on the cyber domain for the military, detailed how cyberspace is becoming an increasingly important area of military operations and international relations.

More on privacy

The discussion involving the two intelligence officials came just weeks after the UK announced the National Cyber Force, a new offensive unit to take on and disrupt activity by cyber criminals and nation-state hacking operations.
SEE: Cyberwar and the future of cybersecurity (free PDF download)
“The domain is changing very quickly and we need now as a nation to be building out from our defensive posture to take advantage of all those benefits that come from technology, but also be able to contest cyberspace,” said Fleming.
“To be a responsible cyber power, we need to defend the digital homeland, we need to be able to disrupt and compete in cyberspace and we need to do that in accordance with international law and internationally agreed norms,” he added.
Cyberattacks and hacking campaigns have become an increasingly common part of how countries attempt to gather intelligence – and the discussion took place just as it was revealed that Russian intelligence services were behind a large hacking campaign that compromised departments across the US government.

“The thing that’s changed for me most is the intensity and the range and the scale. And cyberspace is now not only the most contested domain that we operate in but it’s one where there’s a state of permanent perpetual confrontation,” said Sanders.
“Cyberspace has become a domain of operations. And so we have to, when we’re thinking about military operations, be able to exploit cyberspace, defend ourselves in cyberspace and crucially integrate effects of cyberspace with what we do on land, air and sea – and in space,” he added.
Both intelligence chiefs pointed out that while the use of cyber weapons is increasingly on the agenda for the UK – and they’ve already been deployed – it’s important that they’re used appropriately.
“When we apply force in cyberspace we’re guided by the same principals as when we use kinetic force; military necessity, proportionality, discrimination and humanity,” said Sanders.
“So the idea we’d construct some kind of a cyber weapon of mass destruction… and use that indiscriminately is directly counter to international law… but it’s contrary to our values and it’s counter-productive. We’re trying to establish norms in cyberspace.”
The world has already seen the unintended consequences of what happens when cyber weapons get out of control; May 2017’s WannaCry ransomware attack encrypted networks around the world and was followed just weeks afterwards by NotPetya wiping networks of organisations around the world – both used the same EternalBlue vulnerability that formed part of a leaked NSA hacking tool.
SEE: Ransomware victims aren’t reporting attacks to police. That’s causing a big problem
North Korea was found to have launched WannaCry while the NotPetya attack has been attributed to the Russian military. Both attacks were designed to be self-perpetuating – and both are likely to have spread further out of control than those behind them would’ve liked.
“In those consequences, what we saw were tools that self-proliferated in a way that I am sure the states behind them had not intended. The question is how do we stop that sort of thing happening?,” said Fleming.
“The way in which we think about capability and the way in which we plan operations, the legal and statutory and oversight behind us mean we have a very different starting point to those states that have released those sort of capabilities. I’m aware of no responsible state that is designing tools that are self-proliferating in that way,” he added.
MORE ON CYBERSECURITY More

<!–> Learn cybersecurity basics with this course bundle deal. StackSocial If you’re interested in a career in IT, you don’t have to get a formal education to begin your training – and you may not want to. Considering the steep learning curve of the industry, it may be worthwhile to start your education before you […] More