While Russia continues its assault on Ukraine, it’s also developed an aggressive posture on the frontlines of a different war: the one playing out using technology in the “grey zone.” And China, a close ally to Russia, is coming fast around the corner as a threat in its own right, according to a speech delivered by one of the most senior people in British intelligence.
Anne Keast-Butler, the director of the UK intelligence agency GCHQ, warned today that Russia is using technology and “hybrid” tactics to extend its position as one of the most powerful threats to the UK and Europe.
In a speech delivered to a room of government and national security officials, security experts, academics and the media, Keast-Butler described Russia as “relentlessly targeting critical infrastructure, democratic processes, supply chains and public trust.”
She said China, meanwhile, was a “science and tech superpower” that is applying “sophisticated capabilities across [its] intelligence, cyber and military agencies.”
Significantly, all of the advances are being propelled faster than ever before, thanks to AI. “The ground beneath our feet is shifting,” Keast-Butler said. We are in “new era of radical uncertainty” buffeted by “contested geopolitics and rapidly changing technology.”
And she issued a strongly-worded warning to the room: “The risk of miscalculation is as high as I’ve ever seen it.”
Russia’s and China’s positions as tech-forward, grey-zone adversaries to the UK and other parts of Europe are not new. As far back as May 2024, GCHQ, and Keast-Butler specifically, identified the Russian cyber threat as “acute and globally pervasive”, and China as “the epoch defining challenge” of our time. Issues like Russia meddling in elections and cyberattacks have been in the air for years before that. In Europe more widely, drone incursions in countries on the Eastern Flank and beyond are regularly linked to Russia, too.
Russia’s tactics may heavily leverage tech, but the targets are extending right now well beyond the virtual. Keast-Butler noted in her speech that that GCHQ’s efforts are aimed at stopping not just cyberattacks, but also smuggling, specifically of Western technology that is prohibited to be exported to Russia due to sanctions related to the war in Ukraine; critical industry sabotage; and unspecified assassination attempts.
GCHQ said the lecture is the first of an an annual series. As such it provides a very public version of a pulse check — complete with themes and quotes released ahead of time to the media — of what the agency and the UK government are prioritising.
It is being delivered at a key moment. Currently, all eyes are on the Middle East, and whether a settlement can be reached with Iran and Lebanon to end fighting. Iran continues to be a major force both in defence tech production (with its drone work) and in cybercrime. Further east, the lecture is coming in the wake of two important state visits to China, first from the US and then from Russia. Not only do both of these cut Europe out of the power equation, but they highlight a critical tension between the US and China, as well as a friendly connection between China and Russia.
The location of the speech is also significant. The speech is being delivered today at Bletchley Park, the site once made famous as the home of Allied Powers’ code breakers during the Second World War. These days, it is a symbolic centre for UK government-initiated technology imperatives. For example, the UK loftily convened the world’s first “AI Safety Summit” on its grounds back in 2023.
As with that AI summit, the speech today is a mark in time rather than a starting or end point. There remain a number of question marks over how current and future threats, and responses, will progress.
Ultimately, a lot will rely on partnerships with industry, including technologists, and buy-in from individuals and enterprises being more vigilant and secure, she said.
Кеаst-Butler even touched on the most granular version of vigilance: suggesting replacing passwords with more secure passkeys (linked to biometrics and/or unlocking with PINs), along with embedding more security into services and technologies — all in aid of “Making cybersecurity ten times more urgent.”
