Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Standards, Regulations & Compliance

Details of 1st Government Hack Are Disclosed, 20 Years Later

The 2003 Cyberattack Has Been Linked to a State-Sponsored Cyberespionage Campaign
Details of 1st Government Hack Are Disclosed, 20 Years Later
Big Ben, London (Image: Pixabay)

The NCSC, which is part of the Government Communications Headquarters, revealed that the malware attack in June 2003, when an employee noticed suspicious activity, had been part of a state-sponsored cyberespionage attack.

See Also: Critical Infrastructure Cybersecurity & Risk Monitoring: Elections Infrastructure

The Communications-Electronics Security Group, which was the information assurance arm of GCHQ, was called in to analyze the situation.

Investigators tied the hack to a phishing email sent to an employee, and a detailed analysis led to the discovery of info-stealer malware "designed to steal sensitive data and evade anti-virus products."

The incident triggered a "series of actions transformative to cyber incident investigations," the NCSC said, adding that this was the first instance of GCHQ combining its signals intelligence capabilities with its cybersecurity function to investigate and identify a perpetrator.

The CESG shared its analysis of the cyberespionage tactics with its international allies at the time, but the NCSC on Friday did not reveal details of the targeted agency, the extent of the breach or the name of the nation-state behind the attack.

Paul Chichester, director of operations at NCSC, said it was "the first time that the UK and Europe started to understand the potential online risks faced."

"Our response transformed how we investigate and defend against such attacks," he said. "Twenty years ago, we were just crossing the threshold of the cyberattack arena. The NCSC and our allies have come such a long way since this incident."

The CESG's cyber expertise was later fused with the Center for Cyber Assessment, CERT-UK and the Center for Protection of National Infrastructure - now the National Protective Security Authority - and led to the formation of NCSC, which is responsible for responding to cybersecurity incidents.

About the Author

Mihir Bagwe

Mihir Bagwe

Principal Correspondent, Global News Desk, ISMG

Bagwe previously worked at CISO magazine, reporting the latest cybersecurity news and trends and interviewing cybersecurity subject matter experts.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.