UK National Authority for Counter Eavesdropping

The UK National Authority for Counter-Eavesdropping (UK NACE) is one of the three specialist UK National Technical Authorities in the UK Government Security ecosystem,[1] alongside the National Cyber Security Centre and National Protective Security Authority. UK NACE specialises in technical security, the practice of protecting sensitive information and technology from close access acquisition by hostile threat actors, as well as from any other form of technical manipulation.[2] The aim of UK NACE is to help develop the standards for UK government technical security, provides training and mentoring to national and international partners and carries out research and development of new threats and countermeasure technologies.[3] UK NACE sits under the umbrella of the UK's Foreign, Commonwealth and Development Office, as part of FCDO Services.

History

edit

UK NACE evolved from the Diplomatic Wireless Service of Bletchley Park in the 1940s.[4] It started in 1945 after it was found that British embassies in the USSR had been subject to technical espionage. The Foreign Secretary at the time, Ernest Bevin, sent a group of Post Office engineers to certain locations to do "conservative electrical maintenance" on the telephone and telegraphy systems, and "some preventative work such as anti-eavesdropping".

In 1958, UK NACE was recognised as a national authority by the Cabinet Office. From 1960, UK NACE was a part of MI5 before moving back to the Foreign, Commonwealth and Development office in 1969. In 2008, FCDO Services became a trading fund, allowing UK NACE to offer their services to other government departments, law enforcement and some List X companies.[5]

In 2020, UK NACE became a public authority under Schedule 4 of the Investigatory Powers Act, with the power to authorise collection of communications data in support of national security.[6]

Operations

edit

UK NACE's main aims are to ensure that the most sensitive, classified areas within the UK government estate are protected.[7] Their services include:

  • vulnerability analysis
  • inspections
  • defensive monitoring
  • construction security
  • installations
  • support for UK government at national and international conferences

UK NACE's operational officers primarily focus on three areas of technical security for the UK government and its partners:[8]

  • technical surveillance countermeasures
  • in-place monitoring systems
  • site security management

TEMPEST training

edit

UK NACE provides specialist training to individuals working in the field of technical security, or who may have need to identify threats and put in place countermeasures to combat them.[9] The training is open to people who are either a UK citizen, or citizen of a NATO / EU member country and who work in a role that requires access to NATO TEMPEST policy standards.[10] It is assured under the National Cyber Security Centre's Certified Training scheme.[11]

References

edit
  1. ^ Government, UK (2019-11-06). "Introducing Government Security" (PDF). UK Government Assets Publishing. Retrieved 2023-04-13.
  2. ^ Government, UK (2019-11-06). "Protecting Government Security" (PDF). UK Government Assets Publication. Retrieved 2023-04-13.
  3. ^ NACE, UK (2020-08-28). "UK NACE". UK NACE. Retrieved 2023-04-13.
  4. ^ "'Cutting edge' or a 'security nightmare'? Government anti-espionage unit on the tech behind Bond gadgets". PublicTechnology.net. 2021-10-12. Retrieved 2022-04-14.
  5. ^ "UK NACE History". FCDO Services. Retrieved 2022-04-14.
  6. ^ "Legislation.gov.uk".
  7. ^ NACE, UK (2023-08-28). "UK NACE". UK NACE. Retrieved 2023-04-14.
  8. ^ NACE, UK (2020-08-28). "UK NACE Operations". UK NACE Operations. Retrieved 2023-04-14.
  9. ^ NACE, UK (2021-10-20). "uk-nace-academy/tempest-training/". TEMPEST training. Retrieved 2023-04-14.
  10. ^ NACE, UK (2021-10-20). "UK NACE Academy TEMPEST Training". UK NACE Academy TEMPEST Training. Retrieved 2023-04-14.
  11. ^ CyberSecurity Centre, National (2023-04-14). "National Cyber Security Centre, Organisations". NCSC. Retrieved 2023-04-14.