GCHQ Director calls for international cyber pact

“Some of the behaviour we’ve seen from certain states or criminals is clearly wrong in any circumstance,” said Fleming, “an attack on a hospital’s IT, or on a country’s electoral system will always require sanction.”

“Unchecked, we’re heading for an even less governed space where rights and wrongs are not automatically recognised and where acceptable behaviours are not a given.”

“The ability to be able to use cybertools to disrupt, deny or degrade is the most contentious and least well understood aspect of cyberpower,” said Fleming, “but, in the right context, governed by appropriate international and domestic laws, offensive cyber is an essential part of a nation’s cybertool kit.”

Turning to the problems posed by China’s telecoms equipment, Fleming said: “We have to understand the opportunities and threats from China’s technological offer – understand the global nature of supply chains and service provision irrespective of the flag of the supplier.”

Fleming argued that networks should be made up of equipment from a variety of suppliers.

It is necessary, he said, to “take a clear view on the implications of China’s technological acquisition strategy in the West, and help our governments decide which parts of this expansion can be embraced, which need risk management, and which will always need a sovereign, or allied, solution.” 

Fleming assumes there will always be vulnerabilities.

“Vulnerabilities can and will be exploited,” he is spot say, “but networks should be designed in a way that cauterises the damage.”

He concludes: “How we deal with it will be crucial for prosperity and security way beyond 5G contracts.”