The US and UK are joining forces to “impose consequences” on their shared adversaries who conduct malicious cyber-activities.
The combined action would address “evolving threats with a full range of capabilities”, they said.
The shared adversaries were not named but the announcement follows increasing concern over Russia-based ransomware.
The plan was discussed last week at an annual meeting of intelligence chiefs, in the US.
Gen Sir Patrick Sanders and Government Communications Headquarters (GCHQ) director Sir Jeremy Fleming and US Cyber Command head Gen Paul Nakasone “reaffirmed” their commitment to jointly disrupt and deter new and emerging cyber-threats.
As democratic nations, the two countries were committed to carrying out proportionate and necessary operations within the law, they said.
The US and UK are stepping up efforts to strike back in cyber-space – or at least they are becoming more public about it.
They are also making clear the long-standing intelligence partnership is translated into offensive operations online.
The US strategy of “persistent engagement” means contesting foreign adversaries day-to-day in cyber-space to try to make it harder for them to operate.
The UK does not use the same language but, with the launch of the National Cyber Force, it has signalled it is doing the same – trying to knock out ransomware groups’ infrastructure, for example, or make it harder for foreign intelligence agencies to carry out espionage or more destructive attacks.
The talk is of “imposing consequences” – but there are still big questions about whether these actions are having a significant effect on opponents who play by different rules or deterring those adversaries from continuing their actions.
“Our two nations today face strategic threats in an interconnected, digital world that seek to undermine our shared principles, norms, and values,” they said.
“We agree that strategic engagement in cyber-space is crucial to defending our way of life, by addressing these evolving threats with a full range of capabilities.
“We will achieve this by planning enduring combined cyber-space operations that enable a collective defence and deterrence and impose consequences on our common adversaries who conduct malicious cyber-activity.”