Pages

13 February 2021

Into the Grey Zone: The 'offensive cyber' used to confuse Islamic State militants and prevent drone attacks

Deborah Haynes

The UK has revealed new details about a secret cyber operation against Islamic State that targeted the group's ability to fly drones, meddled with their phones and hit their propaganda.

The mission - told to Sky News by the head of GCHQ and a top general in their first joint interview - gives a sense of the kind of hacks and other covert attacks Britain is able to conduct against countries, criminals and terrorists in the grey zone of cyberspace.

Speaking about the challenge, General Sir Patrick Sanders, commander of Strategic Command, warned that the UK's enemies are using social media to sow division, spread conspiracy theories and tear "the fabric of society apart".

He and Jeremy Fleming, the GCHQ director, said a new cyber force launched last year could be used to help protect the UK from disinformation attacks spreading online.

The two men were speaking on Sky News's Into The Grey Zone podcast about the National Cyber Force as well as the action against Islamic State (IS), which is the only avowed offensive cyber operation by the UK to-date. It was most active in 2016 into 2017.

"I think it sends a really strong signal that we and our allies were not going to leave cyberspace as an uncontested place," Mr Fleming said about the IS mission.

"We have to defend it. We have to make sure it's as secure as possible. We have to make sure that it is still underpinning our commerce, our economy, our society and our communities.

"But equally, when adversaries like Daesh (Islamic State) overstep the line, then they need to expect us to contest it, too."

Image:GCHQ director Jeremy Fleming gave an interview about partnership cyber capability to Sky's Deborah Haynes

The cyber fight against Islamic State

IS shocked the world in 2014 when it seized swathes of Iraq and Syria. The militants also surged across the internet, using it to spread terror and attract recruits with horrific images of attacks and bogus promises of a better life in a self-declared caliphate.

The United States, the UK and other allies launched a visible military campaign against the group, with warplanes and troops, but they also quietly went on the offensive online.

Britain has previously acknowledged it used "offensive cyber" against IS, but this is the first time anyone has spoken publicly in such detail about what happened.

Preventing Islamic State drone attacks

One element of the mission was to disrupt attempts by IS to launch attacks from the air with drones. It involved GCHQ officers and British special forces, who were deployed in the region in support of the Iraqi military and Syrian Democratic fighters

"We piloted some really early technologies to disrupt Daesh's use of some pretty basic drone technology, but which was causing us a problem," Mr Fleming said.

The GCHQ director declined to further describe how this happened other than to say: "We used cyber techniques to affect how a drone operated."

Image:The UK used offensive cyber to confuse IS militants and infiltrate their propaganda

Confusing militants by disrupting phones

The UK also targeted the devices, such as mobile phones and laptops, that IS extremists were using to communicate with each other on the ground.

It is thought the operation stopped commanders from being able to send instructions to their foot soldiers or altered the content of these messages, meaning individuals might be tricked into heading in the wrong direction and getting killed.

There is evidence some fighters, no longer able to send or receive messages, felt so cut off and isolated that they simply dumped their weapons and left the battlefield, Sky News understands.

Image:The UK meddled with messages sent to IS militants so they went to the wrong place

"We wanted to ensure that when they tried to co-ordinate attacks on our forces, their devices didn't work, that they couldn't trust the orders that were coming to them from their seniors," General Sanders said.

"We wanted to deceive them and to misdirect them, to make them less effective, less cohesive and sap their morale.

"But you can't just do that in cyberspace. You have to co-ordinate and integrate that with activities that are going on on the ground, whether it's from our own forces, special forces and others."

Disrupting Islamic State's online propaganda

The other, much broader, dimension to the cyber mission was an effort to takedown or degrade IS's online propaganda and its ability to groom new recruits.

This involved conversations between governments and big technology companies like Facebook and Twitter to remove harmful content from their platforms.

Image:IS like to use propaganda videos to recruit militants but the UK used malware so they could not access them

But, for material that remained out of reach, British cyber spies launched malware against computer servers in different countries around the world to lock IS out of their accounts, delete and distort information on their files and remove online posts and videos.

US cyber operators were also involved in the effort.

Mr Fleming said: "We prevented their propaganda, both through physical actions on the battlefield, but also remotely getting to their servers, getting to the places that they stored their material."

Creation of the National Cyber Force and using 'offensive cyber'

The need to be able to use cyber to cause harm against adversaries and to disrupt or deter attacks prompted the UK to establish the National Cyber Force in a partnership between GCHQ and the military.

The Secret Intelligence Service, MI6, and the defence laboratory at Porton Down are also involved. The force was officially avowed in November 2020, although it has been operating since April of that year.

Image:Porton Down is one of a number of agencies involved in deploying offensive cyber for the UK

General Sanders said the term "offensive cyber" is about the deliberate manipulation of computer systems and data to achieve impacts in the real world.

He said the biggest effect is not necessarily the ability to make a computer break or a power station switch off.

"Almost the more important use or opportunities or threat that come from cyber is its ability to influence people," he said.

Using offensive cyber in other arenas

The UK appears to be evolving how it might respond to a disinformation attack by a hostile state, with a potential role for the cyber force in defending democratic events like elections.

"What you're seeing are our adversaries, our rivals, exploiting the tools that are meant to make for a more utopian society - so things like social media - against us, fuelling conspiracy theories and really sowing division and tearing the fabric of society apart," General Sanders said.

Image:Offensive cyber can be used against any hostile nation

"You could go so far and describe it as almost fuelling a civil war inside some of these societies.

"So, when it comes to promoting the cohesion of society and to protecting our democratic processes and countering the sort of hack and leak examples that you describe there, that, yes, offensive cyber is unquestionably one of the tools that is available to governments and we don't do this alone."

No comments:

Post a Comment