UK wants an AI-powered anti-hacking system
GCHQ is building a national cyber defence capability powered by AI – though it may take five years
The UK is building a national cyber defence shield powered by AI, the first to be publicly announced in the world.
That's according to a speech from GCHQ head Anne Keast-Butler, who said AI was an "unstoppable force with great opportunity" that comes with risks.
The system she described remained a plan that the security agency hoped to have up and running within the next five years, according to reports, and would use AI agents to spot threats against critical national infrastructure, including airlines and telecoms.
"In the past few months, GCHQ has developed the blueprint for a new national cyber defence capability will hardwire cutting-edge agentic AI into machine-speed cyber defence," Keast-Butler said.
"And as we draw on decades of expertise in machine learning to reimagine cyber security, we're also embedding frontier AI deeper into our operations – responsibly and ethically – to enhance algorithms, translate foreign languages, and find needles in haystacks faster than ever before," she added.
Few other details about the plans were revealed.
Last year, major British companies suffered serious outages after a series of cyber incidents, including one against Jaguar Land Rover that was deemed the "single most financially damaging cyber event to ever hit the UK" and another that cost retailer M&S nearly £400m.
Hackers have increasingly turned to AI for their attacks, with AI now deemed a "standard part of the attacker toolkit", according to one industry expert, while CrowdStrike said the technology was accelerating the expansion of enterprise attack surfaces at an alarming speed.
Future tech threats
She said AI efforts were necessary for the UK and its allies to stay ahead, and there was a narrowing window to keep the lead, in particular when it comes to technology and war.
"Tech companies are releasing AI-driven innovations at a remarkable pace, with untold consequences, as algorithms are weaponised often just below the threshold of traditional warfare," said Keast-Butler. "And China is now a tech superpower with sophisticated cyber, intelligence, and military capabilities."
She added: "One thing is clear: technology and data are no longer just tools; they are transformational forces."
Alongside AI, she pointed to quantum computing, calling for companies to be ready for the security implications, notably the ability to crack existing encryption techniques.
"So we must protect our most critical systems from future quantum attacks," Keast-Butler said. "This will take time – and that's why we're calling on businesses to act now to meet the timelines set out by NCSC."
The National Cyber Security Centre last year laid out a ten-year timeline for the transition to quantum-resistant encryption methods, known as post-quantum cryptography – but 90% of companies aren't prepared, according to one survey.
And she noted the rise of space technologies, noting that ten thousand new objects had been launched into space in the three years since she took over as GCHQ director.
Teamwork to counter threats
The UK and its allies, be it Europe, Five Eyes or NATO, need to work together to counter the danger of China or Russia taking the lead in any of these technologies – and both are investing heavily.
She admitted that raised issues for digital sovereignty, an increasingly hot topic amid geopolitical concerns presented by the dominance of Big Tech firms from the US and Chinese success in AI and hardware.
"Some strive to stay safe by keeping data within their borders, shutting out foreign IT," she said. "But that doesn't work."
The EU has started to tender for sovereign cloud services for EU institutions, and France is making its own software to replace US-made productivity solutions, for example. But Keast-Butler argued for a different route, saying sovereignty need not mean "made in the UK" but control over supply chains, data, and dependencies.
"It's about backing great British science and innovation, established tech companies, and academic excellence – whilst not limiting our ability to harness the best of the world's technology," she said.
-
British Business Bank commits £50m to deeptech fundNews The investment will support early-stage deep tech companies through the Bank's Enterprise Capital Funds program
-
Fujitsu partners with Anthropic to drive AI transformation in JapanNews The agreement will see the technology giant deploy Claude across its workforce while strengthening AI services and security capabilities for customers
-
UK and Australia agree to work more closely on AI securityNews A new deal sees Australia set up a new AI safety institute, which will share research with the UK AI Security Institute
-
GitHub internal repositories exfiltrated via malicious VS Code extensionNews The breach has been claimed by the TeamPCP hacking group, which said it is offering the data for sale
-
AI is getting better at security – and it's doing it faster than expectedNews UK AISI warns that AI models are already exceeding existing benchmarks for testing
-
AI and Data are reshaping the MSP landscape, but hackers are getting in on the hot AI actionNews AI is no longer just a buzzword; it's a hacker's dream and the channel's biggest opportunity
-
Is your new hire an AI clone? Microsoft says North Korean hackers are using AI to impersonate job seekers and steal company secretsNews The groups are increasingly using face-changing or voice-changing software to make their fake identities more plausible
-
Small businesses can't get cyber strategies up and running – here's whyNews SMBs are turning to outside help to shore up security as internal strategies fall flat
-
Using AI to code? Watch your security debtnews Black Duck research shows faster development may be causing risks for companies
-
Organizations warned of "significant lag" in deepfake protection investmentnews Defenses are failing to keep up with the rapidly growing attack vector, with most organizations being overconfident
