GCHQ boss Jeremy Fleming has revealed how the government listening post has improved its collaboration with UK businesses over the past year, to enable intelligence sharing within seconds.
Fleming told an audience of IT security professionals at the government’s CYBERUK conference in Glasgow yesterday that the agency is sharing intelligence with banks to enable real-time customer alerts, as well as the wider business community.
“In the last year we have made it simple for our analysts to share time critical, secret information in a matter of seconds. With just one click, this information is being shared and action is being taken,” he added.
“In the coming year, we will continue to scale this capability so — whether it's indicators of a nation state cyber actor, details of malware used by cyber-criminals or credit cards being sold on the dark web — we will declassify this information and get it back to those who can act on it.”
This is the result of the Industry100 initiative coordinated by GCHQ’s National Cyber Security Centre (NCSC). Fleming claimed it had been so successful that the project will be made permanent in the future.
Another sign of its effectiveness came in helping protect smaller firms against what appears to have been a Magecart campaign.
“This year, we identified over 1200 sites which were serving malicious code to illicitly copy credit card transactions,” said Fleming. “We were able to help these small businesses fix the problem and protect their customers and their reputation.”
The government’s vision to make the UK the safest place to live and work online will require a “national effort” to achieve — involving both public and private sectors and consumers, he claimed.
Sarah Armstrong-Smith, head of continuity & resilience at Fujitsu, agreed that public-private partnerships are key to tackling cyber-threats.
“By working collaboratively, organizations can share with each other, their partners and government, practical knowledge, intelligence and technological innovation that helps fight cybersecurity threats and increase resilience,” she added. “In order to make a stand and stop cyber-criminals, we must unite in our efforts to tackle the continuing challenge that we all face.”
Jake Moore, cyber security specialist at ESET, also welcomed the industry outreach efforts by GCHQ.
“GCHQ working more closely with banks and other businesses can’t come soon enough. Consumers have been in desperate need for help and support from law enforcement for quite some time as so few people are aware of how to protect themselves online,” he argued.
“Cybersecurity awareness is a national issue and those who are unaware of the magnitude of the problem require extra support. Sharing intelligence in real time with banks might be the difference between someone losing their life savings and being able to stop the attack in the first place.”