West faces 'narrowing window’ to counter Russia and China threats, warns UK spy chief

GCHQ director pushes for stronger digital security

The head of the UK’s cyber and intelligence agency has warned that time is running out to counter growing threats posed by hostile nation states.

In a rare public address marking the 80th anniversary of the UKUSA intelligence pact, GCHQ director Anne Keast-Butler said states including Russia and China were becoming increasingly aggressive both online and offline.

"The ground beneath our feet is shifting," she said, adding that rapid developments in AI and cyber capabilities were creating a "narrowing window" for Western nations to maintain their technological and security advantage.

Ms Keast-Butler described China as "a science and tech superpower" capable of challenging Western intelligence operations on multiple fronts.

Earlier this year, reports claimed that mobile phones belonging to senior officials in Downing Street had been compromised over several years in a suspected Chinese-linked hacking operation.

In April, the FBI and cyber agencies from nine allied nations jointly warned that Chinese state-linked actors were using covert botnet operations to conduct malicious cyber activity across critical networks.

The same month also saw two men convicted of spying for China in the first case of its kind in British legal history.

Russia stepping up online disruption

Ms Keast-Butler also accused Russia of intensifying its "daily hybrid activity" against the UK and Europe through cyberattacks, sabotage and disinformation campaigns.

Moscow is "relentlessly targeting critical infrastructure, democratic processes, supply chains and public trust," she said.

"The risk of miscalculation is as high as I've ever seen it."

NATO defines hybrid warfare as the use of non-military tactics – including propaganda, cyberattacks, deception and sabotage – to destabilise adversaries without direct military confrontation.

British officials say Russian-linked cyber groups have increasingly targeted logistics firms, communications providers and infrastructure operators supporting Ukraine and NATO allies.

Earlier this year, the National Cyber Security Centre (NCSC) accused the Russian military-linked hacking group APT28 of exploiting vulnerable internet routers to reroute online traffic through infrastructure under its control.

Ms Keast-Butler said GCHQ and its partners were actively working to counter such threats.

Strengthen digital security practices

The GCHQ chief urged businesses and the public alike to strengthen their digital security practices, calling for cybersecurity to become "ten times more urgent."

"At home that means taking important action now to switch passwords for passkeys," she said.

"For wider society, it means hard-wiring security into new technologies and protecting supply chains."

Cybersecurity analysts stress that Keast-Butler's warning is relevant beyond just governments or defence organisations.

Keven Knight, CEO at cybersecurity firm Talion, said private companies were increasingly being targeted because of their links to national infrastructure and public services.

"Threat actors are well aware that the UK's critical infrastructure is underpinned by complex supply chains, and they will often target further down these ecosystems to launch their attacks," Knight said.

He pointed to the 2024 cyberattack on pathology provider Synnovis, which caused major disruption to NHS services after ransomware group Qilin targeted a supplier rather than the health service directly.

Ryan McConechy, principal security architect at Barrier Networks, warned that advances in AI were allowing cyber criminals and hostile states to "operate at machine speed."

He said planned UK cybersecurity legislation, not expected to fully take effect until 2028, could leave organisations exposed in the meantime.

"Organisations cannot wait for regulations to come into force," he said. "They must prioritise their defences today."