Latest news with #PaulChichester


The National
3 days ago
- The National
Inside GCHQ: Britain's international eavesdropping nerve centre - where neurodivergence is welcome
Inside Britain's most secret eavesdropping establishment its operatives would not, at first glance, instil fear among their arch adversaries. Formal it is not. Hawaiian shirts are more typical than a starched shirt or old school tie you might have expected to see in an official government building. The dress code is relaxed to cater for the diverse characters working there: one worker refuses to wear shoes, while another has taken fashion tips from DC Comics – a Superman of the mind, perhaps.

It was one of the more arresting sights during an exclusive visit by The National to the UK's intelligence headquarters GCHQ, a giant ring-shaped building nicknamed The Doughnut on the outskirts of Cheltenham, a town better known for its annual horse racing festival. It is where some of Britain's sharpest minds are fine-tuned to take on adversaries, from enemy states to international criminals, with the evolving threat of artificial intelligence the latest weapon.

'We're an organisation that is a mix of minds,' says Paul 'Chich' Chichester, director of operations, in a rare interview at the intelligence hub. 'You cannot solve the hardest problems without thinking very differently. Plus, you get to work with brilliant minds here, bouncing ideas and having conversations that you would not experience anywhere else.' You have to be 'comfortable' in not being as clever as some others 'in the room', he says.

The hub for cracking codes and ciphers also welcomes those with neurodiversity, be it dyslexia, ADHD or autism. Their diversity approach also applies to education. Non-graduates are considered, if they can pass the rigorous aptitude test, and if its annual public Christmas Challenge decoding puzzle is a yardstick, only a few will succeed.

Therefore you don't need an Oxbridge degree to get in, as many might expect?
Absolutely not, answers the man known throughout GCHQ (Government Communications Headquarters) as 'Chich', whose mind likely holds some of Britain's most closely guarded secrets. Graduates of less high-profile universities would equally qualify, he adds.

Shiny and secure

While The Doughnut is a big, shiny building that cannot be missed, whether by those driving down Cheltenham's main roads or by observers above, its security is extraordinarily strict – so much so that most of it cannot be reported. Navigation of layered checkpoint systems and access controls is needed to enter, and the use of all electronic devices, including mobile phones, is strictly prohibited: no recording devices for this interview. While the security officers are genial, they are also extremely vigilant, and everyone entering the site is subject to the strict security controls, with passes double-checked. If the interior is functionally office-like with inevitable banks of computers and offices, the 'hole' of The Doughnut at least provides some respite and perhaps inspiration with its green foliage and benches.

We're listening

The headquarters' key role is providing signals intelligence, largely through interception, to the British military and government, alongside allies. But it also defends the country against the growing number of cyber attacks that increased in 2023 from 62 'highly significant incidents' to 89 last year. The intelligence gathering is done through a series of listening posts around the world. There is a 24-hour incident centre to report cyberattacks and the 'wheels start turning' at GCHQ if the threat is serious.

The heightened security becomes second nature to GCHQ's thousands of employees – the precise number is classified – many of whom dedicate their entire working life to the cause. They also work closely with MI6, says Chich, as he leans forward on the desk in a small office with a single window.
'People here love what they do, they see that it makes a difference and there's an element that you are contributing to something … a sense of duty.' Also appealing to the hundreds of bright minds, including many mathematicians, that inhabit The Doughnut is the 'cool tech that they cannot play with anywhere else'.

Cyber Iran

What tech his operators use is something he cannot divulge but it is certainly required to keep ahead of the increasing skills of Britain's adversaries. While Iran's cyber capabilities have 'matured in a relatively short period of time' and are 'good enough to be a threat we take very seriously' its espionage concentrates more on domestic surveillance to protect the regime. But Iran is also expanding its overseas venture with a recent report by the National Cyber Security Centre (NCSC) – an arm of GCHQ – highlighting that Tehran was 'willing to target the UK to fulfil its disruptive and destructive objectives'.

AI forever

That destruction and disruption is set to intensify as the power and reach of AI becomes ever more dominant. AI is 'one of the main threats that is going to change the landscape for us as an organisation', and the most serious Chich has seen in his 35 years at GCHQ. Some AI threats cannot yet be known, although some in Silicon Valley put its potential for humanity's extinction at between 10 per cent and 20 per cent. That existential moment GCHQ cannot mitigate against – although its brains would likely be foremost in the world in attempting to do so – but it is certainly fighting an increasing number of new battles against AI. 'The threat has grown and every piece of CNI [critical national infrastructure] is under threat,' says Chich. 'This is something that the world is waking up to, a significant tool that you can convert to statecraft.'
While ensuring AI cannot help someone make a nuclear bomb through ChatGPT – 'although that's not particularly our remit' – it has many other evolving uses, including spear-phishing emails, that appear from an apparently trusted source to extract personal or financial information. With AI mastering English and other languages, grammatical blunders are eliminated which is 'definitely allowing people to do things at scale', says Chich. GCHQ also knows that 'some of our adversaries are certainly doing their homework' on AI that will produce technological advances that 'will definitely change our landscape'. The key, argues the affable Chich, is to use the mass of neurodivergent minds on hand to 'get ahead of the bad guys', with much intelligence investment in AI, 'a technology that will shape the next five or 10 years … or forever'.

Code crackers

That is some distance even from the imaginations of GCHQ's predecessors who more than a century ago set up the Government Code and Cipher School at Bletchley Park, where the German Enigma codes were famously cracked, shortening the Second World War. GCHQ's early existence was secret but its role in intercepting Soviet warship communications and positions in the 1962 Cuban missile crisis greatly assisted Washington's intelligence community. GCHQ, as it became, wasn't even known by the public until 1976 but a decade ago, with the explosion of social media and smartphones, its secrecy was no longer prudent. 'Today all societies' security is digital, increasing the surface of vulnerability,' says Chich, who with a smile adds: 'But then our ability to gain intelligence is much bigger.'

Unit 26165

Another country intent on 'disruptive objectives' towards Britain is Russia, especially given the UK's support for Ukraine. Moscow's cyber athletes are not only focused on the war but are continually operating beyond its borders, trying to discover what is being supplied to Kyiv.
This includes, as another NCSC report highlighted, hacking CCTV cameras at the Ukraine border alongside a 'campaign of malicious cyber activity against western logistics entities'. These operations were conducted by 'military unit 26165 of Russia's GRU' – Moscow's overseas intelligence service – that has conducted cyber campaigns against public and private organisations, including airports and air traffic management systems. Much of this was done by 'credential guessing, spear-phishing and exploitation of Microsoft Exchange mailbox permissions', the report said.

While there have been major advances in drone warfare, has the Ukraine conflict also increased Moscow's cyber edge? 'History would say most innovation has been done through war,' Chich answers cryptically.

Miami Herald
22-05-2025
- Politics
- Miami Herald
Russian Intelligence Attack on NATO 'Logistics and Technology' Exposed
Russia's military intelligence is targeting logistics operations in NATO countries which help Ukraine, according to the UK's National Cyber Security Centre (NCSC). The NCSC, part of the U.K.'s GCHQ (Government Communications Headquarters), said that Russia's GRU Unit 26165 is trying to penetrate networks across defense and transport systems both in Ukraine and in several of its allies. Newsweek has contacted the Russian defense ministry for comment.

Western leaders have raised the alarm over the cyber warfare that Russian hacker groups have engaged in since the start of Moscow's full-scale invasion of Ukraine. These include accusations that Russia has conducted cyberattacks against Ukraine and on civilian infrastructure in Europe, and interfered in foreign elections. The NCSC report will reinforce these concerns.

The NCSC said the U.K. government and its allies had exposed a campaign of "malicious cyber activity" carried out by Russia's GRU military intelligence unit 26165, also known as APT 28, against western logistics entities and technology companies. The unit, also known as 'Fancy Bear,' has raised the alarm among NATO allies with France accusing the unit in April of carrying out cyberattacks against its government ministries. The U.K. and partners from ten countries found that it had conducted the operations against both public and private organizations since 2022, the NCSC said in its press release. These included organizations across the defense sector, IT services, maritime, airports, ports and air traffic management systems and other sectors which help deliver support to Ukraine. The GRU unit's activity included credential guessing, spear-phishing and exploiting Microsoft Exchange mailbox permissions. Russian intelligence also targeted internet-connected cameras at Ukrainian border crossings and near military installations.
The countries apart from Ukraine which were targeted were Bulgaria, the Czech Republic, France, Germany, Greece, Italy, Moldova, the Netherlands, Poland, Romania, Slovakia and the U.S. No specific organizations were named and there was no information about whether the unit managed to obtain classified information. The NCSC called on leaders at technology and logistics firms to recognize the elevated cyber threat and take immediate action to protect themselves. Paul Chichester, NCSC Director of Operations: "This malicious campaign by Russia's military intelligence service presents a serious risk to targeted organizations, including those involved in the delivery of assistance to Ukraine." Atlantic Council report released May 20: "American and Western policymakers must size up the threat, unpack the complexity of Russia's cyber web, and invest in the right proactive measures to enhance their security and resilience." A report by the Atlantic Council released Tuesday concluded that Russia is a persistent and well-resourced cyber threat to the United States and its allies and partners, and the threat Moscow poses will continue to emerge in future.


Newsweek
22-05-2025
- Politics
- Newsweek
Russian Intelligence Attack on NATO 'Logistics and Technology' Exposed
Russia's military intelligence is targeting logistics operations in NATO countries which help Ukraine, according to the UK's National Cyber Security Centre (NCSC). The NCSC, part of the U.K.'s GCHQ (Government Communications Headquarters), said that Russia's GRU Unit 26165 is trying to penetrate networks across defense and transport systems both in Ukraine and in several of its allies. Newsweek has contacted the Russian defense ministry for comment.

Why It Matters

Western leaders have raised the alarm over the cyber warfare that Russian hacker groups have engaged in since the start of Moscow's full-scale invasion of Ukraine. These include accusations that Russia has conducted cyberattacks against Ukraine and on civilian infrastructure in Europe, and interfered in foreign elections. The NCSC report will reinforce these concerns.

What To Know

The NCSC said the U.K. government and its allies had exposed a campaign of "malicious cyber activity" carried out by Russia's GRU military intelligence unit 26165, also known as APT 28, against western logistics entities and technology companies. The unit, also known as 'Fancy Bear,' has raised the alarm among NATO allies with France accusing the unit in April of carrying out cyberattacks against its government ministries. The U.K. and partners from ten countries found that it had conducted the operations against both public and private organizations since 2022, the NCSC said in its press release.

These included organizations across the defense sector, IT services, maritime, airports, ports and air traffic management systems and other sectors which help deliver support to Ukraine. The GRU unit's activity included credential guessing, spear-phishing and exploiting Microsoft Exchange mailbox permissions. Russian intelligence also targeted internet-connected cameras at Ukrainian border crossings and near military installations. The countries apart from Ukraine which were targeted were Bulgaria, the Czech Republic, France, Germany, Greece, Italy, Moldova, the Netherlands, Poland, Romania, Slovakia and the U.S. No specific organizations were named and there was no information about whether the unit managed to obtain classified information. The NCSC called on leaders at technology and logistics firms to recognize the elevated cyber threat and take immediate action to protect themselves.

What People Are Saying

Paul Chichester, NCSC Director of Operations: "This malicious campaign by Russia's military intelligence service presents a serious risk to targeted organizations, including those involved in the delivery of assistance to Ukraine."

Atlantic Council report released May 20: "American and Western policymakers must size up the threat, unpack the complexity of Russia's cyber web, and invest in the right proactive measures to enhance their security and resilience."

What Happens Next

A report by the Atlantic Council released Tuesday concluded that Russia is a persistent and well-resourced cyber threat to the United States and its allies and partners, and the threat Moscow poses will continue to emerge in future.
Yahoo
22-05-2025
- Politics
- Yahoo
UK accuses Russian GRU of carrying out cyberattacks targeting logistics, technology organizations
The United Kingdom has exposed a cyber campaign orchestrated by Russian military intelligence (GRU) targeting Western logistics and technology organizations involved in delivering foreign assistance to Ukraine, the UK's National Cyber Security Centre (NCSC) announced on May 21. According to a release by the NCSC, GRU Unit 26165, also known as APT 28, has been working to penetrate secure networks in the defence, IT, maritime, airports, ports and air traffic management systems across NATO countries, in an attempt to disrupt the logistics deliveries to Ukraine. Russian hacker groups have engaged in various forms of cyber warfare throughout the full-scale war, including cyberattacks against Ukraine, hacks of civilian infrastructure in Europe, and interference in foreign elections. Since 2022, the GRU unit has been using different tactics, including credential guessing, spear-phishing, and exploiting Microsoft Exchange mailbox permissions, to get access into various secure networks linked to delivering support for Ukraine. The Russian military intelligence unit would also target internet-connected cameras at Ukrainian border crossings and near military installations, the NCSC said. "This malicious campaign by Russia's military intelligence service presents a serious risk to targeted organisations, including those involved in the delivery of assistance to Ukraine," NCSC Director of Operations Paul Chichester said in a statement. The unit, also known as 'Fancy Bear,' has previously caught the eye of other NATO allies. On April 29, the French Foreign Ministry accused the unit of escalating cyberattacks against French ministries. France has brought charges against the GRU's APT28 unit — also known as 'Fancy Bear' — based in Rostov-on-Don in southern Russia. No information was publicly provided as to whether the unit was able to obtain classified information, or what specific organizations were impacted by the breaches.
NATO allies the United States, Germany, Czech Republic, Poland, Australia, Canada, Denmark, Estonia, France and the Netherlands assisted the U.K. in exposing the cyber campaign, the NCSC said.


Business Mayor
22-05-2025
- Politics
- Business Mayor
Russia accused of trying to hack border security cameras to disrupt Ukraine aid
Russia tried to hack into border security cameras to spy on and disrupt the flow of western aid entering Ukraine, the UK's intelligence services and its allies have claimed. A unit of Russia's military intelligence services is accused of using a host of methods to target organisations delivering 'foreign assistance', by hacking into cameras at crossings and railway stations and near military installations. GRU Unit 26165 is also accused of sending phishing emails containing pornography and fake professional information and obtaining stolen account passwords to get into systems. It was claimed the unit – also known as APT 28 and Fancy Bear – has conducted the malicious cyber-campaign against public and private organisations in Nato states since 2022. In its advisory note, the UK's National Cyber Security Centre (NCSC) – part of GCHQ – called on private companies involved in the delivery of aid to 'take immediate action to protect themselves'. 'In addition to targeting logistics entities, unit 26165 actors likely used access to private cameras at key locations, such as near border crossings, military installations, and rail stations, to track the movement of materials into Ukraine,' the advisory says. 'The actors also used legitimate municipal services, such as traffic cams.' About 10,000 cameras were said to have been accessed near 'military installations, and rail stations, to track the movement of materials into Ukraine', of which 80% were in Ukraine and 10% in Romania. It is claimed 4% of the cameras targeted were in Poland, 2.8% in Hungary and 1.7% in Slovakia. The locations of the remaining cameras targeted were not provided. The hacking would have provided access to a 'snapshot' of the cameras' images, it is said. Other attempts were made that were designed to gather sensitive information on shipments, such as train schedules and shipping manifests, it is claimed. 
'In at least one instance, the actors attempted to use voice phishing to gain access to privileged accounts by impersonating IT staff,' says the advisory from 10 countries including the US, France and Germany. It adds: 'The subjects of spearphishing emails were diverse and ranged from professional topics to adult themes. Phishing emails were frequently sent via compromised accounts or free webmail accounts. The emails were typically written in the target's native language and sent to a single targeted recipient.' Paul Chichester, the NCSC's director of operations, said: 'This malicious campaign by Russia's military intelligence service presents a serious risk to targeted organisations, including those involved in the delivery of assistance to Ukraine.

'The UK and partners are committed to raising awareness of the tactics being deployed. We strongly encourage organisations to familiarise themselves with the threat and mitigation advice included in the advisory to help defend their networks.' Actions suggested include increasing monitoring, using multi-factor authentication with strong factors – such as passkeys – and ensuring security updates are applied promptly to manage vulnerabilities. The advisory was drawn up with agencies from the US, Germany, Czech Republic, Poland, Australia, Canada, Denmark, Estonia, France and the Netherlands. The Russian unit has previously been accused of leaking World Anti-Doping Agency data, and played a key role in the 2016 cyber-attack on the Democratic National Committee in the US.