UK spies boast ‘over-achievement’ in developing arsenal of hacking tools
Since 2014, the UK has significantly increased its efforts in developing cyber weapons and that is now bearing fruit, the annual report of the UK Intelligence and Security Committee states.
The plan to enhance cyber attack capabilities is divided into three tranches and GCHQ said it has just finished the first phase. Although the exact figures have been redacted, GCHQ told the Committee it “actually over-achieved and delivered almost double the number of capabilities we were aiming for”.
The spy agency said the new arsenal is on a “different scale” from what it previously possessed. “It is the full spectrum of capabilities from tactical stuff ***… right through to what we would say is the high end of counter state offensive cyber capabilities,” the report reads.
The agency, which plays a key role in running the formerly secret Tempora computer system, devotes 75 percent of its cyber efforts to offensive strategies.
Despite increased efforts, the FOXTROT program, a response to the growth of ubiquitous encryption and is one of the agency's major projects, has suffered a number of delays.
“I think we are doing all the right things. There are some problems that are just very, very hard to solve, not just because it’s technically difficult, but because the skills aren’t there,” GCHQ said.
The report somewhat justified the need to arm to the teeth as it assessed the current cyber threat to the UK and concluded that “all sectors of society are at risk”. It says the threat comes from many sources including organized crime, terrorist organizations and usual suspects such as Russia, China, North Korea and Iran.
The agency, however, failed to mention how it plans to protect its juiced up arsenal of cyber weapons in the wake of US spy agencies having troves of their hacking tools and exploits stolen. The intelligence agencies’ inability to properly babysit their hacking toys has come under heavy criticism, after one of the leaked NSA exploits helped trigger the notorious WannaCry ransomware epidemic which paralyzed hundreds of thousands of computers worldwide.