Top 10 investigations and national security stories of 2023

1. Top science journal faced secret attacks from Covid conspiracy theory group

An investigation by Computer Weekly and Byline Times revealed that the science journal, Nature, had been the target of sustained secret attacks by extreme Brexit supporters with high-level political, commercial and intelligence connections. The group, which included former MI6 chief Sir Richard Dearlove, attempted to put members of staff at Nature under surveillance and investigated by intelligence services in the UK, Israel, Japan and Australia for alleged “extreme Sinophile views”.

2. New revelations from the Edward Snowden archive

Ten years after they were first leaked by former US National Security Agency (NSA) whistleblower Edward Snowden, Computer Weekly revealed new, unpublished, details from the Snowden archives. They include revelations that the NSA had compromised central processing units widely deployed by datacentres and cloud computing suppliers.

The processors were supplied by American semiconductor manufacturer Cavium. The company was listed as “a successful SIGINT enabled CPUs vendor” in unreleased Snowden documents, according to a PhD thesis by security researcher and journalist Jacob Appelbaum. Now owned by Marvell, Cavium told Computer Weekly it does not implement “back doors” for any government.

Applebaum also revealed that that the NSA had compromised Russia’s SORM telephone and internet surveillance system and the lawful interception capabilities of other undisclosed countries.

3. Sellafield local authority unsure if data was stolen six years on from North Korea ransomware attack

Senior managers have told staff that they “still don’t know who did it and what [information] was lost” during a ransomware attack on the local authority that hosts Europe’s’ biggest nuclear site. Cumberland Council holds data on the nuclear waste storage and reprocessing site, Sellafield, including information on planning, waste management and the movement of nuclear inventory.

Computer Weekly revealed that the council had no disaster recovery plan and relied heavily on agency staff at the time of the cyber attack by the North Korean ransomware group Wannacry in 2017.

4. Tech companies and NGOs urge rewrite of Online Safety Bill to protect encrypted comms

The Online Safety Act has continued to cause concern to companies that supply encrypted communications services such as messaging and chat services. The act, which was passed in October, gives Ofcom powers to require technology companies to scan the contents of encrypted services for illegal child abuse content, a move cryptography experts and critics say cannot be achieved without fundamentally weakening encryption and exposing messaging services to hostile hacking and nation sate attacks.

Although the government has said Ofcom will not use its powers unless the technology exists to monitor communications without damaging security, the powers to enforce compliance have been added to the statute books.

5. Surveillance tribunal finds NCA EncroChat hacking warrants were lawful

A novel hacking operation that covertly intercepted 100 million messages from the EncroChat encrypted phone network continues to produce ripples more than three-and-a-half years later. The National Crime Agency’s (NCA) Operation Venetic led to the conviction of more than 1,000 people accused of drug dealing and organised crime in the UK.

The Investigatory Powers Tribunal found that the NCA had properly obtained equipment interference warrants, but the jury is still out over whether EncroChat evidence can be used in court. Defence lawyers predict that people convicted of the most serious crimes based solely on the basis of evidence in EncroChat messages could have their convictions overturned by the Criminal Cases Review Commission (CCRC) if EncroChat evidence is ultimately found inadmissible. 

6. NHS whistleblower threatens trust with legal action in row over alleged email tampering

The Covid inquiry has raised awkward questions about Rishi Sunak and Boris Johnson’s missing WhatsApp messages from the time the most critical decisions were made on lockdown policy. However, the preservation, accuracy and authenticity of electronic evidence has been a recurring theme in our reporting.

Examples include the destruction of as many as 90,000 emails by Lewisham and Greenwich NHS Trust during an industrial tribunal brought by a doctor who blew the whistle on staff shortages that contributed to patient deaths. This report is the latest development in a bitter dispute between NHS whistleblower Peter Duffy and University Hospitals of Morecambe Bay NHS Foundation Trust over the authenticity of crucial evidence.

7. Met Police data platform £64m over budget

The Metropolitan Police Service’s integrated record management system is nearly £60m over budget, and still facing major teething problems, with officers and staff raising more than 25,000 support requests in its first four months of operation, according to a freedom of information disclosure.

The Connect system – contracted to NEC Software in May 2018 for up to £150m – is intended to help the force with end-to-end management of various policing processes, from intelligence and investigations to custody and prosecution, by giving officers instant access to real-time information across eight previously disparate systems through a single operational platform. 

8. Investigatory Powers Act: Home Office proposes rethink of safeguards on bulk data collection

The government announced plans to strengthen the UK’s surveillance laws in February. The Investigatory Powers (Amendment) Bill currently going through Parliament aims to implement government-backed reforms to the oversight of UK’s surveillance laws.

The Home Office argues that current limitations in the Investigatory Powers Act 2016 have made it harder for the intelligence community to use the “digital technology needed to keep the country safe”.

Controversially, the bill could require technology companies to inform the Home Office about any security or privacy features they want to add to their platforms in advance, and potentially for the government to block their use.  

9. UK names Russian FSB agents behind political hacking campaign

The government has confirmed that Russia’s Federal Security Service (FSB) was behind a long-running hacking campaign that targeted politicians, civil servants, journalists and civil society organisations. Computer Weekly identified the hacking group – which is known as Callisto, ColdRiver, Tag-53, TA446 and BlueCharlie – as an FSB operation. Its victims include the former head of MI6, Richard Dearlove, and a network of right-wing Brexit supporters with high-level connections.

Computer Weekly and Byline Times have systematically analysed emails and documents published by the group to check for signs of Russian manipulation and to verify their contents. 

10. National Cyber Force carrying out daily hacking operations to disrupt hostile threats

The UK’s newly created offensive cyber unit, the National Cyber Force (NCF), revealed it had carried out daily hacking operations to counter sophisticated cyber threats and disrupt state disinformation campaigns and terrorist groups.

Known internally as GCHQ II, the NCF is setting up a permanent headquarters at Samlesbury in Lancashire, which is expected to bring £5bn of investment into an area struggling with lower-than-average wages and a shortage of highly skilled jobs. More than 3,000 people will be working at the NCF headquarters, built on land on the former Samlesbury Aerodrome, alongside BAE Systems’ aircraft components site.