CHINA
Case study: Operation WINDERMERE (counter-cyber)
The UK Intelligence Community told the Committee in 2019 that the UK is leading internationally on countering the cyber threat from China. (Given that there has been a lot of public reporting regarding the UK's limited focus on China by comparison with its Five Eyes partners, it is interesting that the UK Intelligence Community consider that they are leading internationally on responding to the Chinese cyber threat.)
Operation WINDERMERE is a cross-UK Intelligence Community strategy to address Chinese cyber activity, led by GCHQ ***. It aims to "reduce the impact of the Chinese State's cyber programme on UK ***."[1]
The strategy focuses on taking intelligence *** and using it for defence means (in order to make UK cyber space a hard operating environment) ***.[2] The approach combines a mixture of diplomacy, law enforcement action and PROTECT[3] work. ***.
The UK Intelligence Community say that they are working to identify and build knowledge of the Chinese cyber actors assessed to pose the highest threat to UK national security ***.[4]
- As such, encouraging other countries to demonstrate unity on the attribution of such behaviour (***) is key.[5]
- The 2019 ICE Plan, by comparison ***. These included:
- ↑ Written evidence—GCHQ, 18 June 2019.
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ PROTECT work focuses on protective security.
- ↑ Written evidence—GCHQ, 20 June 2019.
- ↑ Oral evidence—HMG, *** December 2020.
- ↑ Written evidence—GCHQ, 31 January 2020.
- ↑ The National Cyber Force (NCF) was launched in April 2020. The NCF is a distinct operational entity, a partnership between GCHQ and the Ministry of Defence, also incorporating elements from SIS and the Defence Science and Technology Laboratory. The NCF is intended to deliver an increase in the UK's cyber capability and carry out its programme of offensive cyber.
- ↑ Written evidence—HMG, 14 September 2020.
88
