U.K. cybersecurity chief pivots to new coronavirus threats

The 45-year-old chief of the U.K. National Cyber Security Centre is working from home in Oxfordshire, not far from intelligence headquarters. Mr. Martin had planned to leave the agency in late June, after 23 years in government, but because of the crisis he is staying through the end of August. He then plans to start teaching about technology and public policy at a university.

For now, entities central to the virus response, like the U.K.’s state-funded National Health Service, are high on his radar due to the new vulnerabilities they face; protecting hospitals and other critical infrastructure is a priority. Experts also are mapping out the post-pandemic cybersecurity landscape.

In the near term, the potential for cyberattacks has risen, with governments and companies stretched and employees separated from safeguarded office networks, Mr. Martin said. More U.K. resources have been redirected to supplying hospitals and developing vaccines, raising the stakes posed by hackers seeking to disrupt companies and medical researchers.

Mr. Martin runs the branch of the country’s GCHQ electronic intelligence agency responsible for coordinating cybersecurity as part of broad counterterrorism and national-security efforts. Much of his work involves working with the public; a smaller proportion is secret, requiring on-site classified briefings and secure technology.

Early on, his staff set about helping Parliament ensure videoconferencing and remote communications were secure. Questions from corporate executives about network threats also needed to be answered.

In week two of the lockdown, Mr. Martin’s wife developed telltale coronavirus symptoms including flagging energy, fever and loss of smell and taste. Her condition was never critical.

As she recovered at home, he juggled meals and schoolwork for two elementary-school-aged children, and exercise for an Irish water spaniel named Belle with a penchant for interrupting video calls.

Because he needed to self-isolate, Mr. Martin couldn’t immediately go to headquarters for classified briefings taking place about once a week. Deputies filled in. “Fortunately, the two weeks of isolation were relatively calm, operationally,” he said, meaning there were no major hostile state attacks.

It was still hectic. Once, Mr. Martin received time-sensitive classified materials securely delivered to his home.

Meanwhile cyber-center staff advised NHS technology teams on security for a contact-tracing mobile app that is being rolled out for trial.

Mr. Martin and deputies also accelerated the deployment of “threat sensors,” a sort of digital security perimeter, across 1.3 million devices used by NHS staff. The health system has stepped up alerts for cyberattacks since criminals hijacked computers around the world demanding ransom in return for decrypting data in 2017.

The overall pace of pandemic cyberattacks has remained mostly steady, Mr. Martin said. But societal fear and economic uncertainty have altered the targets.

Scammers are capitalizing on people’s needs to obtain face masks or tap financial aid. To help tackle the onslaught of scams and malware, Mr. Martin’s agency in April rolled out a central email address, where anyone can send suspicious emails for analysis.

During the first week of the program, around 25,000 referrals from the public helped the agency identify almost 400 “dodgy websites,” on top of the 400 it already flags in a typical week, Mr. Martin said.

State-level espionage has shifted as well. “The more elite hackers from hostile states are more interested in health-care-related targets than they were three months ago. It’s where sensitive state information is, in terms of vaccines; it’s where sensitive [intellectual property] is, in terms of pharmaceuticals.”

Mr. Martin and his staff talk a lot about how normality will look, eventually. He predicts more corporate spending to bulletproof mobile technology: “Mobile cryptography is hard but not impossible.”

Another battle is fighting the growing cost of cyber-extortionists, Mr. Martin said. “As this pandemic normalizes, we’ve got to get back to tackling ransomware. It’s a curable problem.”

The crisis has fast-tracked public attention on cybersecurity. Cybercrimes will always be glamorized to a degree, he said. Think “the teenagers in bedrooms targeting the Pentagon” story line. “Actually most cybersecurity is a lot more public and more technocratic to the point of boring. Don’t think it’s all about people operating in secret doing impossible things you can’t defend.”

―The Wall Street Journal