Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

China poses ‘genuine and increasing’ cyber risk to UK, GCHQ chief warns

Anne Keast-Butler said China has an ‘advanced set of cyber capabilities’, and also has commercial hacking outfits and data brokers at its disposal.

David Hughes
Tuesday 14 May 2024 13:32 BST
In a speech at the Cyber UK conference in Birmingham GCHQ director Anne Keast-Butler highlighted cyber threats posed by China (GCHQ/PA)
In a speech at the Cyber UK conference in Birmingham GCHQ director Anne Keast-Butler highlighted cyber threats posed by China (GCHQ/PA) (PA Media)

Your support helps us to tell the story

This election is still a dead heat, according to most polls. In a fight with such wafer-thin margins, we need reporters on the ground talking to the people Trump and Harris are courting. Your support allows us to keep sending journalists to the story.

The Independent is trusted by 27 million Americans from across the entire political spectrum every month. Unlike many other quality news outlets, we choose not to lock you out of our reporting and analysis with paywalls. But quality journalism must still be paid for.

Help us keep bring these critical stories to light. Your support makes all the difference.

The “irresponsible actions” of Chinese state-backed hackers are making the internet less secure for the world, a British spy chief warned.

GCHQ director Anne Keast-Butler said responding to the “coercive and destabilising actions” of the People’s Republic of China (PRC) was her “top priority”.

She also highlighted the “immediate threats” posed by Russia and Iran, carrying out actions ranging from cyber attacks, espionage and surveillance.

In cyberspace, we believe that the PRC's irresponsible actions weaken the security of the internet for all

Anne Keast-Butler

But the scale of the challenge from Beijing meant GCHQ devotes “more resource to China than any other single mission”.

In a speech at the Cyber UK conference in Birmingham, she said: “Through their coercive and destabilising actions, the PRC poses a significant risk to international norms and values.

“In cyberspace, we believe that the PRC’s irresponsible actions weaken the security of the internet for all.

“China has built an advanced set of cyber capabilities, and is taking advantage of a growing commercial ecosystem of hacking outfits and data brokers at its disposal.

“China poses a genuine and increasing cyber risk to the UK.”

China wanted to shape global technology standards and assert its dominance in the field within the next 10 to 15 years, she said.

The UK was working with its Five Eyes intelligence allies – the US, Canada, Australia and New Zealand – on the challenges, she said.

She added: “We have repeatedly called out Chinese cyber adversaries for activities that threaten the security of the UK or target the institutions important to our society, such as the compromise of the UK Electoral Commission.”

On Russia, the GCHQ chief said there were “growing links” between Vladimir Putin’s intelligence services and proxy groups to conduct “cyber attacks, as well as suspected physical surveillance and sabotage operations”.

Previously, Russia “simply created the right environment” for these groups, but it was now “nurturing and inspiring these non-state cyber actors, in some cases seemingly co-ordinating physical attacks against the West”.

The threat from Russia was “acute and globally pervasive”, Ms Keast-Butler warned.

She said GCHQ continued to strengthen Ukraine’s cyber capabilities and shared vital intelligence to expose “Putin’s malign plans” and reliance on states including China, North Korea and Iran.

She said Iran was also “aggressive in cyberspace” and “actors associated with the state had been implicated in attacks against victims in many countries”.

Tehran was continuing to develop cyber espionage expertise alongside “disruptive and destructive” capabilities.

“Whilst they might not always use the most advanced capabilities to conduct their operations, they should not be underestimated,” she added.

The US government has already identified and disrupted the PLA's efforts to pre-position on our critical infrastructure networks and we are going to keep pushing back

Harry Coker

The National Cyber Security Centre’s chief, Felicity Oswald, also raised concerns about China’s online activity and urged network managers to bolster their defences.

She said: “The Chinese authorities have introduced a new law requiring the discovery of security vulnerabilities to be provided to the government as a priority and at risk of severe penalty. This should worry all of us.”

She said the UK, US and allies had warned about the activity of the Volt Typhoon cyber group “which could be laying the groundwork for disruptive and destructive cyber attacks”.

“This is a clear warning about China’s intent to hold essential networks at risk,” she said.

“And it is a warning that providers of essential services in the UK cannot afford to ignore.”

Harry Coker, the White House’s national cyber director, said China’s People’s Liberation Army (PLA) “has invested tremendous resources in building up their cyber programme” and was intent on embedding capabilities in foreign states’ civilian infrastructure to “wreak havoc” at a time of crisis.

“The US government has already identified and disrupted the PLA’s efforts to pre-position on our critical infrastructure networks and we are going to keep pushing back,” he said.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in