UK National Authority for Counter Eavesdropping

Last updated

The UK National Authority for Counter-Eavesdropping (UK NACE) is one of the three specialist UK National Technical Authorities in the UK Government Security ecosystem, [1] alongside the National Cyber Security Centre and National Protective Security Authority. UK NACE specialises in technical security, the practice of protecting sensitive information and technology from close access acquisition by hostile threat actors, as well as from any other form of technical manipulation. [2] The aim of UK NACE is to help develop the standards for UK government technical security, provides training and mentoring to national and international partners and carries out research and development of new threats and countermeasure technologies. [3] UK NACE sits under the umbrella of the UK's Foreign, Commonwealth and Development Office, as part of FCDO Services.

Contents

History

UK NACE evolved from the Diplomatic Wireless Service of Bletchley Park in the 1940s. [4] It started in 1945 after it was found that British embassies in the USSR had been subject to technical espionage. The Foreign Secretary at the time, Ernest Bevin, sent a group of Post Office engineers to certain locations to do "conservative electrical maintenance" on the telephone and telegraphy systems, and "some preventative work such as anti-eavesdropping".

In 1958, UK NACE was recognised as a national authority by the Cabinet Office. From 1960, UK NACE was a part of MI5 before moving back to the Foreign, Commonwealth and Development office in 1969. In 2008, FCDO Services became a trading fund, allowing UK NACE to offer their services to other government departments, law enforcement and some List X companies. [5]

In 2020, UK NACE became a public authority under Schedule 4 of the Investigatory Powers Act, with the power to authorise collection of communications data in support of national security. [6]

Operations

UK NACE's main aims are to ensure that the most sensitive, classified areas within the UK government estate are protected. [7] Their services include:

UK NACE's operational officers primarily focus on three areas of technical security for the UK government and its partners: [8]

TEMPEST training

UK NACE provides specialist training to individuals working in the field of technical security, or who may have need to identify threats and put in place countermeasures to combat them. [9] The training is open to people who are either a UK citizen, or citizen of a NATO / EU member country and who work in a role that requires access to NATO TEMPEST policy standards. [10] It is assured under the National Cyber Security Centre's Certified Training scheme. [11]

Related Research Articles

<span class="mw-page-title-main">Computer security</span> Protection of computer systems from information disclosure, theft or damage

Computer security, cyber security, digital security or information technology security is the protection of computer systems and networks from attacks by malicious actors that may result in unauthorized information disclosure, theft of, or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide.

<span class="mw-page-title-main">GCHQ</span> British signals intelligence agency

Government Communications Headquarters (GCHQ) is an intelligence and security organisation responsible for providing signals intelligence (SIGINT) and information assurance (IA) to the government and armed forces of the United Kingdom. Primarily based at "The Doughnut" in the suburbs of Cheltenham, GCHQ is the responsibility of the country's Secretary of State for Foreign and Commonwealth Affairs, but it is not a part of the Foreign Office and its Director ranks as a Permanent Secretary.

<span class="mw-page-title-main">Foreign, Commonwealth and Development Office</span> Ministerial department of the UK Government

The Foreign, Commonwealth & Development Office (FCDO) is a department of the Government of the United Kingdom. Equivalent to other countries' ministries of foreign affairs, it was created on 2 September 2020 through the merger of the Foreign & Commonwealth Office (FCO) and the Department for International Development (DFID). The FCO was itself created in 1968 by the merger of the Foreign Office (FO) and the Commonwealth Office. The department in its various forms is responsible for representing and promoting British interests worldwide.

<span class="mw-page-title-main">General Intelligence and Security Service</span> Agency of the Netherlands

The General Intelligence and Security Service is the intelligence and security agency of the Netherlands, tasked with domestic, foreign and signals intelligence and protecting national security.

<span class="mw-page-title-main">Communications Security Establishment</span> Canadas national cryptologic agency

The Communications Security Establishment, formerly called the Communications Security Establishment Canada (CSEC), is the Government of Canada's national cryptologic agency. It is responsible for foreign signals intelligence (SIGINT) and communications security (COMSEC), protecting federal government electronic information and communication networks, and is the technical authority for cyber security and information assurance.

<span class="mw-page-title-main">Counterintelligence</span> Offensive measures using enemy information

Counterintelligence (counter-intelligence) or counterespionage (counter-espionage) is any activity aimed at protecting an agency's intelligence program from an opposition's intelligence service. It includes gathering information and conducting activities to prevent espionage, sabotage, assassinations or other intelligence activities conducted by, for, or on behalf of foreign powers, organizations or persons.

Cyberterrorism is the use of the Internet to conduct violent acts that result in, or threaten, the loss of life or significant bodily harm, in order to achieve political or ideological gains through threat or intimidation. Acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet by means of tools such as computer viruses, computer worms, phishing, malicious software, hardware methods, programming scripts can all be forms of internet terrorism. Cyberterrorism is a controversial term. Some authors opt for a very narrow definition, relating to deployment by known terrorist organizations of disruption attacks against information systems for the primary purpose of creating alarm, panic, or physical disruption. Other authors prefer a broader definition, which includes cybercrime. Participating in a cyberattack affects the terror threat perception, even if it isn't done with a violent approach. By some definitions, it might be difficult to distinguish which instances of online activities are cyberterrorism or cybercrime.

<span class="mw-page-title-main">Bureau of Diplomatic Security</span> U.S. State Department security and law enforcement division

The Bureau of Diplomatic Security, commonly known as Diplomatic Security (DS), is the security branch of the United States Department of State. It conducts international investigations, threat analysis, cyber security, counterterrorism, and protection of people, property, and information. Its mission is to provide a safe and secure environment for officials to execute the foreign policy of the United States.

<span class="mw-page-title-main">Cyberwarfare</span> Use of digital attacks against a nation

Cyberwarfare is the use of cyber attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, manipulation or economic warfare.

<span class="mw-page-title-main">Under Secretary of Defense for Policy</span> United States government position

The United States under secretary of defense for policy (USDP) is a high level civilian official in the United States Department of Defense. The under secretary of defense for policy is the principal staff assistant and adviser to both the secretary of defense and the deputy secretary of defense for all matters concerning the formation of national security and defense policy.

<span class="mw-page-title-main">Federal Criminal Police Office (Germany)</span> German federal investigative police agency

The Federal Criminal Police Office of Germany is the federal investigative police agency of Germany, directly subordinated to the Federal Ministry of the Interior. It is headquartered in Wiesbaden, Hesse, and maintains major branch offices in Berlin and Meckenheim near Bonn. It has been headed by Holger Münch since December 2014.

The National Security Council (NSC) of India is an executive government agency tasked with advising the Prime Minister's Office on matters of national security and strategic interest. It was established by the former Prime Minister of India Atal Bihari Vajpayee on 19 November 1998, with Brajesh Mishra as the first National Security Advisor. Prior to the formation of the NSC, these activities were overseen by the Principal Secretary to the preceding Prime Minister.

<span class="mw-page-title-main">Federal Office for Information Security</span> German federal agency

The Federal Office for Information Security is the German upper-level federal agency in charge of managing computer and communication security for the German government. Its areas of expertise and responsibility include the security of computer applications, critical infrastructure protection, Internet security, cryptography, counter eavesdropping, certification of security products and the accreditation of security test laboratories. It is located in Bonn and as of 2020 has about 1,100 employees. Its current president, since 1 February 2016, is former business executive Arne Schönbohm, who took over the presidency from Michael Hange.

<span class="mw-page-title-main">Communications & Information Services Corps</span> Military unit

The Communications and Information Services Corps (CIS) – formerly the Army Corps of Signals – is one of the combat support corps of the Irish Defence Forces, the military of Ireland. It is responsible for the installation, maintenance and operation of communications and information systems for the command, control and administration of the Defence Forces, and the facilitation of accurate, real-time sharing of intelligence between the Army, Naval Service and Air Corps branches at home and overseas.

<span class="mw-page-title-main">Office of Intelligence and Counterintelligence</span> US government agency

The Office of Intelligence and Counterintelligence (OICI), also abbreviated IN, DOE-IN, DOE/IN, I&CI, or OIC, was established in 2006 by the merger of pre-existing Energy Department intelligence and security organizations. It is an office of the United States Department of Energy (DOE) responsible for all intelligence and counterintelligence activities throughout the DOE complex; due to this central role, OICI is designated DOE's Headquarters Intelligence. As a component of the United States Intelligence Community in addition to the Department of Energy, OICI reports to both the Director of National Intelligence and Secretary of Energy.

The National Protective Security Authority (NPSA), formerly the Centre for the Protection of National Infrastructure (CPNI), is the national technical authority in the United Kingdom for physical and personnel protective security, maintaining expertise in counter terrorism as well as state threats.

National intelligence programs, and, by extension, the overall defenses of nations, are vulnerable to attack. It is the role of intelligence cycle security to protect the process embodied in the intelligence cycle, and that which it defends. A number of disciplines go into protecting the intelligence cycle. One of the challenges is there are a wide range of potential threats, so threat assessment, if complete, is a complex task. Governments try to protect three things:

<span class="mw-page-title-main">United States Army Counterintelligence</span> Component of United States Army which conducts counterintelligence activities

United States Army Counterintelligence (ACI) is the component of United States Army Military Intelligence which conducts counterintelligence activities to detect, identify, assess, counter, exploit and/or neutralize adversarial, foreign intelligence services, international terrorist organizations, and insider threats to the United States Army and U.S. Department of Defense (DoD).

The cyber security community in the United Kingdom is diverse, with many stakeholders groups contributing to support the UK Cyber Security Strategy. The following is a list of some of these stakeholders.

The Government of the United Kingdom maintains several intelligence agencies that deal with secret intelligence. These agencies are responsible for collecting, analysing and exploiting foreign and domestic intelligence, providing military intelligence, and performing espionage and counter-espionage. Their intelligence assessments contribute to the conduct of the foreign relations of the United Kingdom, maintaining the national security of the United Kingdom, military planning, public safety, and law enforcement in the United Kingdom. The four main agencies are the Secret Intelligence Service, the Security Service (MI5), the Government Communications Headquarters (GCHQ) and Defence Intelligence (DI). The agencies are organised under three government departments, the Foreign Office, the Home Office and the Ministry of Defence.

References

  1. Government, UK (2019-11-06). "Introducing Government Security" (PDF). UK Government Assets Publishing. Retrieved 2023-04-13.
  2. Government, UK (2019-11-06). "Protecting Government Security" (PDF). UK Government Assets Publication. Retrieved 2023-04-13.
  3. NACE, UK (2020-08-28). "UK NACE". UK NACE. Retrieved 2023-04-13.
  4. "'Cutting edge' or a 'security nightmare'? Government anti-espionage unit on the tech behind Bond gadgets". PublicTechnology.net. 2021-10-12. Retrieved 2022-04-14.
  5. "UK NACE History". FCDO Services. Retrieved 2022-04-14.
  6. "Legislation.gov.uk".
  7. NACE, UK (2023-08-28). "UK NACE". UK NACE. Retrieved 2023-04-14.
  8. NACE, UK (2020-08-28). "UK NACE Operations". UK NACE Operations. Retrieved 2023-04-14.
  9. NACE, UK (2021-10-20). "uk-nace-academy/tempest-training/". TEMPEST training. Retrieved 2023-04-14.
  10. NACE, UK (2021-10-20). "UK NACE Academy TEMPEST Training". UK NACE Academy TEMPEST Training. Retrieved 2023-04-14.
  11. CyberSecurity Centre, National (2023-04-14). "National Cyber Security Centre, Organisations". NCSC. Retrieved 2023-04-14.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.