Face­book’s dig­i­tal cults

The so­cial net­work’s en­cour­age­ment of pri­vate groups threat­ens an elec­tion night­mare

The Daily Telegraph - Business - - Front Page -

It’s the se­cre­tive head­quar­ters of Bri­tain’s shad­owy cy­ber war against skilled Rus­sian and Chi­nese hack­ers. But the of­fice of the Na­tional Cy­ber Se­cu­rity Cen­tre, a di­vi­sion of spy agency GCHQ, looks more like the re­gional head­quar­ters of an in­surance firm. The open-plan of­fice in Lon­don’s Vic­to­ria sits be­side a burger restau­rant and a clus­ter of trendy cof­fee shops. Some­times staff mem­bers bring their dogs into the of­fice.

If you pay at­ten­tion, how­ever, you will soon re­alise that this isn’t a nor­mal of­fice. Only a hand­ful of em­ploy­ees can dis­close their sur­names to the pub­lic and meet­ing rooms with­out win­dows are used for clas­si­fied dis­cus­sions.

This used to be the do­main of Ciaran Martin, an easy-go­ing civil ser­vant from North­ern Ire­land who ran the NCSC and shep­herded its emer­gence from the se­crecy of GCHQ into the pub­lic eye in 2016.

Now, af­ter 23 years, Martin is out of the civil ser­vice. He left the NCSC at the end of Au­gust, hand­ing the reins over to Lindy Cameron, an­other civil ser­vant from North­ern Ire­land.

The ad­just­ment hasn’t been easy for Martin. For the first time in his ca­reer, he doesn’t have a team of se­cu­rity ser­vices em­ploy­ees on hand to man­age his di­ary and field press re­quests. It’s been a “huge ad­just­ment”, he ad­mits.

“The with­drawal of a bril­liant sup­port team has been a mi­nor trauma be­cause they were great,” he says in a call from his fam­ily home in Ox­ford­shire. The estab­lish­ment of the NCSC came as the UK faced se­ri­ous hack­ing at­tacks from Rus­sia and China which have probed our na­tional in­fra­struc­ture and sought to steal coro­n­avirus vac­cine re­search.

Form­ing a new di­vi­sion of a spy agency at a time when cy­ber­se­cu­rity is more vi­tal to the coun­try’s safety than ever be­fore is no easy task. For Martin, who was born in Omagh in 1974, the in­spi­ra­tion for his move into pub­lic ser­vice came as he grew up in North­ern Ire­land dur­ing the Trou­bles.

“Grow­ing up in the Eight­ies, the back­ground of the Trou­bles was al­ways there,” Martin says. “Over time, clever and well-mean­ing peo­ple in Lon­don, Belfast and Dublin did some very imag­i­na­tive work to cre­ate the con­di­tions for bet­ter things. So I think for me, there was al­ways some­thing about good, trust­wor­thy, fair, high­qual­ity gov­ern­ment.”

A teenage Martin played key­boards in an in­die rock band named Some Kind of Won­der­ful, a fact which a child­hood friend mis­chie­vously added to his Wikipedia ar­ti­cle. “We weren’t very good and no­body was in­ter­ested in us,” Martin re­calls with a laugh.

He grad­u­ated with a de­gree in his­tory from the Univer­sity of Ox­ford in 1996 be­fore en­ter­ing gov­ern­ment.

Af­ter years in­side the Trea­sury, Na­tional Au­dit

Of­fice and Cab­i­net Of­fice, Martin en­tered the se­cre­tive in­tel­li­gence agency GCHQ.

The 2015 gen­eral elec­tion led to a re­newed fo­cus on cy­ber­se­cu­rity and Martin used the op­por­tu­nity to lobby for a new pub­lic face for the or­gan­i­sa­tion, which for years had main­tained an ex­ceed­ingly low pro­file.

“We spent one

Fri­day draft­ing a pa­per for min­is­ters that was ac­tu­ally quite tech­ni­cal and am­bi­tious,” Martin re­calls. “And they came back and said ‘yeah, we love this’.”

The NCSC started life as a way for cy­ber­se­cu­rity ex­perts to work with or­gan­i­sa­tions to keep them safe with­out the pres­sure of hav­ing to re­main in the shad­ows. Martin’s ini­tial con­cerns were that busi­nesses would refuse to work with the NCSC fol­low­ing the Snow­den rev­e­la­tions and that the or­gan­i­sa­tion would ac­ci­den­tally dis­close se­cret ma­te­rial to the pub­lic. Martin says nei­ther of those sce­nar­ios came to pass. But the or­gan­i­sa­tion has faced se­ri­ous at­tacks from Rus­sian hack­ing groups linked to the coun­try’s gov­ern­ment.

“In the six and a half years that I was at GCHQ, Rus­sia was the op­er­a­tional con­stant. It was a very sig­nif­i­cant threat,” Martin says. “GCHQ has been track­ing some of these Rus­sian groups for nearly 30 years. Some of them are very good.”

Rus­sian hack­ers pre­vi­ously crept into the UK’s en­ergy grid, for now just snoop­ing around to gain an un­der­stand­ing of how ev­ery­thing works in case they might want to re­turn and wreak havoc. A se­ri­ous hack of a power plant is likely to be classed by the NCSC as a “cat­e­gory one” at­tack, which could cause loss of life or se­vere eco­nomic dam­age.

The NCSC calls these types of at­tacks a “na­tional cy­ber emer­gency”. The or­gan­i­sa­tion has never had to de­clare one of these emer­gen­cies, but Martin says it “came close”.

He says a hack­ing cam­paign car­ried out by the Chi­nese gov­ern­ment, which was re­vealed in 2018, that tar­geted busi­nesses around the world likely caused enough dam­age to be de­clared a cat­e­gory one in­ci­dent.

“I think we only stopped short of cat­e­goris­ing that as a cat­e­gory one be­cause we couldn’t quite quan­tify what they’d done,” Martin says.

And the Wan­naCry ran­somware at­tack of 2017 which spread around the world, lock­ing com­put­ers in busi­nesses and the NHS, was also a se­ri­ous prob­lem. “Had Wan­naCry got closer to dis­rupt­ing pa­tient care, I would have de­clared that a cat­e­gory one at­tack,” he adds.

The most press­ing dan­ger, Martin be­lieves, isn’t a cat­a­strophic cy­ber at­tack caused by a skilled hacker man­ag­ing to break into the servers of a nu­clear power plant, for ex­am­ple.

In­stead, it’s the risk that the UK con­tin­ues to be vul­ner­a­ble to ran­somware at­tacks which shut down ser­vices like health­care.

Martin is call­ing for “ur­gent” ac­tion to com­bat ran­somware, in­clud­ing a change in the law to pre­vent busi­nesses from pay­ing ran­soms.

He also wants busi­nesses to make pre­par­ing for ran­somware a board­level prob­lem. “Coun­ter­ing ran­somware is not rocket science,” he

‘GCHQ has been track­ing some of these Rus­sian groups for nearly 30 years. Some of them are very good’

says. “It’s an avoid­able prob­lem and there needs to be a lot more lead­er­ship at­ten­tion.”

The most high-pro­file pe­riod of the NCSC’s ex­is­tence was the de­bate over whether to al­low Huawei, the Chi­nese tele­coms sup­plier, to play a role in the UK’s 5G net­works.

Martin’s or­gan­i­sa­tion be­came the pub­lic face of the se­cu­rity ser­vices’ tech­ni­cal as­sess­ment that the risk could be man­aged. At one press con­fer­ence in 2019, aides were left plead­ing with jour­nal­ists to ask Martin about some­thing other than Huawei.

“The Huawei is­sue was highly un­usual,” Martin re­calls. He says it had pe­ri­ods of “high stress” as the NCSC waded into a po­lit­i­cally charged topic.

The UK’s ini­tial de­ci­sion in Jan­uary to al­low lim­ited use of the firm’s kit was over­turned fol­low­ing US sanc­tions which cut Huawei off from parts of its own sup­ply chain. “The US sanc­tions changed ev­ery­thing tech­ni­cally,” Martin says. “I know that will seem to some peo­ple a rather bor­ing and con­ve­nient route to a change of pol­icy. It also hap­pens to be true.”

The Gov­ern­ment an­nounced its de­ci­sion dur­ing lock­down, a pe­riod which Martin says in­volved the NCSC pro­tect­ing food dis­tri­bu­tion busi­nesses and vac­cine re­search from cy­ber at­tacks.

He adds that he was “ter­ri­fied” of a se­ri­ous ran­somware at­tack caus­ing dis­rup­tion dur­ing the pan­demic.

Now, Martin is about to em­bark on a new life out­side of the in­tel­li­gence agen­cies.

He ap­plied for, but did not get, the po­si­tion of chief ex­ec­u­tive of Of­com. In­stead, he’s re­turn­ing to the Univer­sity of Ox­ford to teach the man­age­ment of pub­lic ser­vices at the Blavat­nik School of Gov­ern­ment.

“My col­leagues are all get­ting used to teach­ing in a Covid en­vi­ron­ment. I’m get­ting used to teach­ing full-stop,” Martin says.

He is also ad­vis­ing ven­ture cap­i­tal fund Pal­adin Cap­i­tal, which has a se­ries of cy­ber­se­cu­rity in­vest­ments, and is on the ad­vi­sory board of se­cure brows­ing start-up Gar­ri­son.

Martin’s am­bi­tion is to con­tinue the work he’s been do­ing in­side gov­ern­ment and carry it on in the out­side world. “I re­ally hope that I’ve done my bit in the last few years to pro­mote a lit­tle bit of trust in tech­nol­ogy in the UK in my old guise,” he says. “Now, hope­fully, I can do a bit more in the next one.”

Huawei and Rus­sia, led by pres­i­dent Putin, right, both posed headaches for Ciaran Martin, be­low, as head of the NCSC

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.