GCHQ chief: Cyber conflict could deteriorate into a Wild West if left unchecked
Jeremy Fleming, the director of the UK's signals intelligence agency, warns of the lack of international case law for cyber.
Monday 25 February 2019 20:46, UK
The internet could deteriorate into "an even less governed space" if the international community doesn't come together to establish a common set of principles, the head of GCHQ has warned.
Giving a rare speech in Singapore, Jeremy Fleming referenced "China, Iran, Russia and North Korea" as having broken international law through cyber attacks.
But he also acknowledged there was not much of a legal standard to go by, noting: "Case law is still developing in all of our jurisdictions."
"Some of the behaviour we've seen from certain states or criminals is clearly wrong in any circumstance," he added, referencing attacks on hospitals or countries' electoral systems.
"But in many cases, there are no clear norms or behaviours. And in some cases, there is a clear divergence in view between blocs of nations about how to develop these norms for the future."
Mr Fleming warned: "Unchecked, we're heading for an even less governed space where rights and wrongs are not automatically recognised and where acceptable behaviours are not a given."
Delivering a keynote speech at the International Institute for Strategic Studies, Mr Fleming made the case for what kind of offensive cyber activities were good.
"Their use must always meet the three tests of legality, necessity and proportionality. Their use - in particular to cause disruption or damage - must be in extremis," he said.
He noted the work done by GCHQ to tackle Islamic State: "This was the first time the UK has systematically and persistently degraded an adversary's online efforts as part of a wider military campaign.
"We can see that these operations made a significant contribution to coalition efforts to suppress Daesh propaganda, hindered their ability to coordinate attacks, and protected coalition forces on the battlefield.
"This was remarkable work carried out by a talented and committed group of men and women from several nations and it helped lead to the end of the physical caliphate."
The ability for GCHQ to speak out on rights and wrongs in cyber space has been brought into disrepute in recent years.
After the controversial leaks to journalists by Edward Snowden, a former US intelligence contractor who now lives in Russia, the agency faced scrutiny in the UK.
Among the material published were documents suggesting that GCHQ staff had hacked into Belgium's largest telecoms firm, Belgacom, under the instruction from UK government ministers.
While such activity is considered espionage and therefore legitimate in terms of international law, which means it may be criminal but is not an act of war, it challenged the agency's reputation.
:: How Snowden leaks damaged security
:: How Snowden leaks revealed spying
International law wasn't developed with cyber space in mind, but there have been significant efforts in the UK to formalise the application of legal standards to network conflicts.
Just as physically damaging attacks would be breaches of international law and cause for a forceful response, so too would be cyber attacks which go beyond espionage, said the government's attorney general last year.
However, it is technically impossible to differentiate espionage from the kind of hacking which is necessary as a pre-cursor to a physical attack.
It is in the nature of an implant within the network of a utilities company that it could as easily allow a security agency to gain intelligence as it would allow that agency to disrupt power to a hospital.
Mr Fleming warned that there appeared to be little movement to address these grey areas, which is where much of the concern about cyber conflict is centres.
"Without a commonly agreed set of principles, it's much harder to reach agreement on common standards, to exchange and trust data, to prosecute poor behaviours and to create a commonly agreed doctrine of deterrence."