beebright - Fotolia

Top 10 investigations and national security stories of 2023

From a secret campaign by right-wing Brexit supporters against science journal Nature to Investigatory Powers Act 2016 revisions that will make it easier for police and intelligence agencies to access databases on the population, here are Computer Weekly’s top 10 investigations and national security stories of 2023

This year saw Computer Weekly and Byline Times reveal an extraordinary secret campaign by right-wing Brexit supporters against the world’s leading science journal, Nature. The group, which had high-level connections in politics, business and intelligence, attempted to put Nature and its editor under surveillance and investigated by intelligence agencies for alleged “extreme Sinophile views”.

Surveillance has also been a preoccupation of the Home Office this year, as the government seeks to revise the Investigatory Powers Act 2016 to make it easier for police and intelligence agencies to access large databases on the population, and controversially to require tech companies to inform the government in advance if they make changes to their platforms that could impact surveillance capabilities.

Pressure from the government against tech companies that offer encrypted messaging and email services intensified with the passing of the Online Safety Act in October. The act gives regulator Ofcom powers to require tech companies to scan encrypted services for illegal content, a move that threatens to undermine the security of technology platforms. The act has become law, but it is yet to be seen how – or if – Ofcom will enforce it.

Electronic evidence has been another running theme this year, as Computer Weekly reported on a dispute by an NHS whistleblower and health trust over the authenticity of emails that relate to patient safety concerns. Another NHS employee, meanwhile, deleted thousands of emails before being due to give evidence at an employment tribunal. The courts have also yet to decide whether messages obtained from the police hacking of the EncroChat encrypted phone network are admissible. If they are not, people who have been convicted solely on the basis of EncroChat messages may have their cases overturned.

1. Top science journal faced secret attacks from Covid conspiracy theory group

An investigation by Computer Weekly and Byline Times revealed that the science journal, Nature, had been the target of sustained secret attacks by extreme Brexit supporters with high-level political, commercial and intelligence connections. The group, which included former MI6 chief Sir Richard Dearlove, attempted to put members of staff at Nature under surveillance and investigated by intelligence services in the UK, Israel, Japan and Australia for alleged “extreme Sinophile views”.

2. New revelations from the Edward Snowden archive

Ten years after they were first leaked by former US National Security Agency (NSA) whistleblower Edward Snowden, Computer Weekly revealed new, unpublished, details from the Snowden archives. They include revelations that the NSA had compromised central processing units widely deployed by datacentres and cloud computing suppliers.

The processors were supplied by American semiconductor manufacturer Cavium. The company was listed as “a successful SIGINT enabled CPUs vendor” in unreleased Snowden documents, according to a PhD thesis by security researcher and journalist Jacob Appelbaum. Now owned by Marvell, Cavium told Computer Weekly it does not implement “back doors” for any government.

Applebaum also revealed that that the NSA had compromised Russia’s SORM telephone and internet surveillance system and the lawful interception capabilities of other undisclosed countries.

3. Sellafield local authority unsure if data was stolen six years on from North Korea ransomware attack

Senior managers have told staff that they “still don’t know who did it and what [information] was lost” during a ransomware attack on the local authority that hosts Europe’s’ biggest nuclear site. Cumberland Council holds data on the nuclear waste storage and reprocessing site, Sellafield, including information on planning, waste management and the movement of nuclear inventory.

Computer Weekly revealed that the council had no disaster recovery plan and relied heavily on agency staff at the time of the cyber attack by the North Korean ransomware group Wannacry in 2017.

4. Tech companies and NGOs urge rewrite of Online Safety Bill to protect encrypted comms

The Online Safety Act has continued to cause concern to companies that supply encrypted communications services such as messaging and chat services. The act, which was passed in October, gives Ofcom powers to require technology companies to scan the contents of encrypted services for illegal child abuse content, a move cryptography experts and critics say cannot be achieved without fundamentally weakening encryption and exposing messaging services to hostile hacking and nation sate attacks.

Although the government has said Ofcom will not use its powers unless the technology exists to monitor communications without damaging security, the powers to enforce compliance have been added to the statute books.

5. Surveillance tribunal finds NCA EncroChat hacking warrants were lawful

A novel hacking operation that covertly intercepted 100 million messages from the EncroChat encrypted phone network continues to produce ripples more than three-and-a-half years later. The National Crime Agency’s (NCA) Operation Venetic led to the conviction of more than 1,000 people accused of drug dealing and organised crime in the UK.

The Investigatory Powers Tribunal found that the NCA had properly obtained equipment interference warrants, but the jury is still out over whether EncroChat evidence can be used in court. Defence lawyers predict that people convicted of the most serious crimes based solely on the basis of evidence in EncroChat messages could have their convictions overturned by the Criminal Cases Review Commission (CCRC) if EncroChat evidence is ultimately found inadmissible. 

6. NHS whistleblower threatens trust with legal action in row over alleged email tampering

The Covid inquiry has raised awkward questions about Rishi Sunak and Boris Johnson’s missing WhatsApp messages from the time the most critical decisions were made on lockdown policy. However, the preservation, accuracy and authenticity of electronic evidence has been a recurring theme in our reporting.

Examples include the destruction of as many as 90,000 emails by Lewisham and Greenwich NHS Trust during an industrial tribunal brought by a doctor who blew the whistle on staff shortages that contributed to patient deaths. This report is the latest development in a bitter dispute between NHS whistleblower Peter Duffy and University Hospitals of Morecambe Bay NHS Foundation Trust over the authenticity of crucial evidence.

7. Met Police data platform £64m over budget

The Metropolitan Police Service’s integrated record management system is nearly £60m over budget, and still facing major teething problems, with officers and staff raising more than 25,000 support requests in its first four months of operation, according to a freedom of information disclosure.

The Connect system – contracted to NEC Software in May 2018 for up to £150m – is intended to help the force with end-to-end management of various policing processes, from intelligence and investigations to custody and prosecution, by giving officers instant access to real-time information across eight previously disparate systems through a single operational platform. 

8. Investigatory Powers Act: Home Office proposes rethink of safeguards on bulk data collection

The government announced plans to strengthen the UK’s surveillance laws in February. The Investigatory Powers (Amendment) Bill currently going through Parliament aims to implement government-backed reforms to the oversight of UK’s surveillance laws.

The Home Office argues that current limitations in the Investigatory Powers Act 2016 have made it harder for the intelligence community to use the “digital technology needed to keep the country safe”.

Controversially, the bill could require technology companies to inform the Home Office about any security or privacy features they want to add to their platforms in advance, and potentially for the government to block their use.  

9. UK names Russian FSB agents behind political hacking campaign

The government has confirmed that Russia’s Federal Security Service (FSB) was behind a long-running hacking campaign that targeted politicians, civil servants, journalists and civil society organisations. Computer Weekly identified the hacking group – which is known as Callisto, ColdRiver, Tag-53, TA446 and BlueCharlie – as an FSB operation. Its victims include the former head of MI6, Richard Dearlove, and a network of right-wing Brexit supporters with high-level connections.

Computer Weekly and Byline Times have systematically analysed emails and documents published by the group to check for signs of Russian manipulation and to verify their contents. 

10. National Cyber Force carrying out daily hacking operations to disrupt hostile threats

The UK’s newly created offensive cyber unit, the National Cyber Force (NCF), revealed it had carried out daily hacking operations to counter sophisticated cyber threats and disrupt state disinformation campaigns and terrorist groups.

Known internally as GCHQ II, the NCF is setting up a permanent headquarters at Samlesbury in Lancashire, which is expected to bring £5bn of investment into an area struggling with lower-than-average wages and a shortage of highly skilled jobs. More than 3,000 people will be working at the NCF headquarters, built on land on the former Samlesbury Aerodrome, alongside BAE Systems’ aircraft components site.

Read more on IT for government and public sector