In his first public speech as director of British spy agency GCHQ, Jeremy Fleming called out Russia’s “unacceptable cyber behavior,” amidst rising tensions between Western allies and the Kremlin in Syria and beyond. Speaking at the CyberUK event in Manchester, U.K., on Thursday, Fleming said recent events had been “particularly stark and shocking,” pointing to the use of a nerve agent on a former Russian spy and his daughter on British soil.
He said the poisoning of the Skripals, for which Russia has denied culpability, was a sign of how “reckless” the Kremlin was willing to be and how comfortable it was “putting ordinary lives at risk.” From an online perspective, Fleming said the U.K. would continue to respond to malicious cyber activity and would “attribute where we can.”
The GCHQ chief pointed to the recent outbreak of the NotPetya ransomware, which spread out from initial targets in Ukraine to hit global businesses last year, as a sign of Russia’s increasing use of its cyber capabilities. “They’re not playing to the same rules,” he added. “They’re blurring the boundaries between criminal and nation state activity.”
The U.S. officially blamed Russia for NotPetya earlier this year. The Kremlin denied it was responsible.
Fleming’s comments came a day after President Trump warned on Twitter of stronger action against Russia, over the Kremlin’s threat to shoot American missiles out of the sky.
Russia vows to shoot down any and all missiles fired at Syria. Get ready Russia, because they will be coming, nice and new and “smart!” You shouldn’t be partners with a Gas Killing Animal who kills his people and enjoys it!
— Donald J. Trump (@realDonaldTrump) April 11, 2018
U.K. prime minister Theresa May plans to convene with her Cabinet on Thursday to discuss how to respond to the rising tensions in Syria. She’d previously called out Russia for its aggressive online actions.
Fighting ISIS online
Fleming also talked up his agency’s work to fight ISIS, also known as Daesh, online. He revealed that GCHQ had worked with the U.K. Ministry of Defence to conduct “a major offensive cyber campaign against Daesh,” which he claimed hindered the terror group’s ability to coordinate attacks and protected coalition forces on the battlefield.
“Did it work? I think it did,” he said, going on to say the work may have even destroyed equipment and networks. “In 2017, there were times when Daesh found it almost impossible… to spread their rhetoric,” Fleming added. “This campaign shows how effective targeted offensive cyber can be.”