The NCF publishes ‘Responsible Cyber Power in Practice’
The National Cyber Force (NCF) – a partnership between GCHQ and MOD – today for the first time disclosed details about its approach to responsible cyber operations to counter state threats, support military operations, and disrupt terrorists and serious criminals.
Following the Government’s Integrated Review Refresh last month, this new document titled NCF: Responsible Cyber Power in Practice published today delivers on the commitment to be as transparent as possible about the NCF’s cyber capabilities and provide clarity on how the UK acts as a responsible and democratic cyber power.
The new document sets out NCF’s approach to leveraging cyber power responsibly. This is principally through applying three operational principles. NCF operations are accountable, precise and calibrated. Conducted in a legal and ethical manner, in line with domestic and international law and our national values, operations are based on a deep understanding of the cyber environment and are designed to be timed and targeted with precision, with their intended impact carefully assessed. This contrasts with the reckless and indiscriminate activities of those who would do harm to the UK’s and its allies.
Central to NCF’s approach is the ‘doctrine of cognitive effect’ – using techniques that have the potential to sow distrust, decrease morale, and weaken adversary ability to plan and conduct their activities effectively with the goal of changing their behaviour. This can include preventing terrorist groups from publishing pieces of extremist media online or making it harder for states to use the internet to spread disinformation.
NCF’s operations are covert, and the intent is sometimes that adversaries do not realise that the effects they are experiencing are the result of a cyber operation. The ambiguity involved can help to amplify the cognitive effect. However, to demonstrate how the NCF’s capabilities are used in line with the UK’s commitment to being a responsible cyber actor, today the NCF stated that since its inception in 2020, it has delivered operations to:
- protect military deployments overseas;
- disrupt terrorist groups;
- counter sophisticated, stealthy and continuous cyber threats;
- counter state disinformation campaigns;
- reduce the threat of external interference in democratic elections; and
- remove child sexual abuse material from public spaces online.
Through NCF: Responsible Cyber Power in Practice, the UK is reiterating its commitment to international stability and security, and illustrating how states can act responsibly in cyberspace, in line with domestic and international law.
Director GCHQ, Sir Jeremy Fleming, said:
In an increasingly volatile and interconnected world, to be a truly responsible cyber power, nations must be able to contest and compete with adversaries in cyberspace. In the UK, the National Cyber Force (NCF) complements the UK’s world class cyber resilience to give the country operational cyber capabilities at the scale needed to protect our free, open, and peaceful society.
“Building upon two decades of experience, the dynamic new partnership has countered state threats, made key contributions to military operations, and disrupted terrorist cells and serious criminals including child sex offenders.
“With the threat growing and the stakes higher than ever before, we hope this document provides a benchmark for the UK’s approach and a basis for like-minded governments to come together internationally to establish a shared vision and values for the responsible use of cyber operations.
General Sir Jim Hockenhull, Commander of Strategic Command, said:
The National Cyber Force is a crucial tool in our integrated approach to national security and our defence of the UK.
“Working across Government and with our international allies is vital. There is a power in partnerships, and we must go further to out-cooperate and out-compete states that are driving instability.
The NCF is also today avowing its Commander for the first time, as part of the Government’s commitment to provide transparency about how the UK conducts responsible cyber operations.
James Babbage, a GCHQ intelligence officer for nearly 30 years, has led NCF since its inception in 2020, scaled its operations and led efforts to integrate it effectively with a broad range of other agencies and partners.
He has spent most of his career at GCHQ, with a secondment to the Ministry of Defence and a tour as a liaison officer in the US.