• United States



UK Editor

UK reveals offensive cyber capabilities principles, counter operations

Apr 05, 20233 mins
Advanced Persistent ThreatsCritical InfrastructureThreat and Vulnerability Management

For the first time, the UK government has disclosed details about its offensive cyber capabilities to counter state threats, support military operations, and disrupt cybercrime.

UK Parliament and Big Ben with data points

The UK government has revealed how its offensive cyber capabilities help protect the UK from threats in a first-of-its-kind guide. The National Cyber Force (NCF), a partnership between GCHQ and the Ministry of Defence (MoD), shared the principles under which it conducts cyber operations to counter state threats, support military operations, and disrupt terrorists and serious crime.

In the paper, the UK government outlined its commitment to international stability and security, illustrating how states can act responsibly in cyberspace and demonstrating how the NCF operates under a strict set of principles. This contrasts with the reckless and indiscriminate activities of those who would do harm to the UK and its allies, it said.

The NCF was officially launched in 2020. It is the first time the UK government has disclosed details about how the agency works.

UK’s offensive cyber operations conducted in legal, ethical manner

All NCF operations are conducted in a legal and ethical manner, in line with domestic and international law and national values, it wrote in the Responsible Cyber Power in Practice guide. The operations are based on a deep understanding of the cyber environment, which enables NCF to design, time, and target them with precision.

Central to the NCF’s approach is the “doctrine of cognitive effect” – using techniques that have the potential to sow distrust, decrease morale, and weaken adversaries’ abilities to plan and conduct their activities effectively. “This can include preventing terrorist groups from publishing pieces of extremist media online or making it harder for states to use the internet to spread disinformation by affecting their perception of the operating environment,” it said.

UK’s cyber operations counter cyberthreats, state disinformation, election interference

As its work is covert, the NCF is not able to reveal details of individual operations. However, it has disclosed that over the last three years, the NCF has delivered operations to:

  • Protect military deployments overseas.
  • Disrupt terrorist groups.
  • Counter sophisticated, stealthy, and continuous cyberthreats.
  • Counter state disinformation campaigns.
  • Reduce the threat of external interference in democratic elections.
  • Remove child sexual abuse material from public spaces online.

The guide also outlined that the NCF’s cyber operations follow a set of three principles: They need to be accountable, precise, and calibrated.

“In an increasingly volatile and interconnected world, to be a truly responsible cyber power, nations must be able to contest and compete with adversaries in cyberspace,” said Sir Jeremy Fleming, director GCHQ. The NCF complements the UK’s world class cyber resilience to give the country operational cyber capabilities at the scale needed to protect our free, open, and peaceful society, he added. “With the threat growing and the stakes higher than ever before, we hope this document provides a benchmark for the UK’s approach and a basis for like-minded governments to come together internationally to establish a shared vision and values for the responsible use of cyber operations.”

UK Editor

Michael Hill is the UK editor of CSO Online. He has spent the past 8 years covering various aspects of the cybersecurity industry, with particular interest in the ever-evolving role of the human-related elements of information security. A keen storyteller with a passion for the publishing process, he enjoys working creatively to produce media that has the biggest possible impact on the audience.

More from this author