The National Cyber Security Centre (NCSC) has had to defend the UK from more than 600 cyberattacks in the past year, according to the organisation’s third annual review.
As part of GCHQ, the NCSC was set up in 2016 to defend the UK from cyberattacks, whether they were from hostile nation states or unaffiliated hacker groups. The centre has dealt with a total of 1,800 incidents since its formation, with 658 incidents reported between 1 September 2018 and 31 August 2019.
For the first time ever, the NCSC has provided a breakdown of which sectors required the most help in staving off cyberattacks. Unsurprisingly, the government topped the list, followed by academia, IT, managed service providers and - in joint fifth - health and transport.
“This review gives a real insight into the breadth of outstanding work done by the NCSC and underlines why we are a world leader in cyber security,” NCSC chief executive Ciaran Martin said
“From handling more than 600 incidents – many from hostile nation states – to equipping the public with the tools they need to stay safe online, we are employing our expertise on a number of fronts.
“I am proud to lead this organisation and optimistic that, in a constantly evolving landscape, we can help make this the safest country to live and work online.”
Hostile nation states
The NCSC noted that cyberattacks from hostile nation states continue to make up a large portion of the work performed by the organisation. Just this year, the NCSC supported both the UK and Dutch governments in exposing the campaign of cyberattacks inflicted on Western nations by the GRU, Russia’s military intelligence service. These attacks targeted political institutions, businesses, media and sporting organisations.
With the UK set to head to the polls in December, the centre noted that it continues to work diligently in protecting the democratic process from cyberattacks. This included the NCSC meeting with the UK’s political parties every three months, as well as offering cybersecurity advice to Parliamentarians.
Thankfully, the UK has not yet been subjected to a major cyberattack of any kind, although Martin warns that a ‘category one attack’ is expected in the not-so-distant future. This attack could target anything from utilities to major companies, or even government institutions.
Actively defending the UK
Key to the NCSC’s campaign against cyberattacks is what it calls ‘Active Cyber Defence’, which puts the onus on businesses and organisations to think seriously about their cybersecurity. This could mean implementing stricter security policies or investing in software to bolster a company’s defence.
Active Cyber Defence includes some of the following programmes, which the NCSC has developed in partnership with UK businesses and organisations:
- Web Check helps make websites a less attractive target, by finding obvious security issues and pointing them out to the website’s owner so that they can be fixed.
- Protective DNS (PDNS) blocks public sector organisations from accessing known malicious domains or allowing malware on already compromised networks from calling home.
- Takedown Service finds malicious sites and sends notifications to the host or owner to get them removed from the internet.
- Mail Check helps public sector organisations take control of their emails, making phishing attacks which spoof those organisations more difficult.
As an example of Active Cyber Defence’s effectiveness, NCSC noted that HMRC had educated its employees about cybersecurity to such an extent that it had dropped down the leaderboards in terms of how many times it was made vulnerable by an attack. In 2016 the organisation was the 16th most phished in the world, while now it’s 126th.
"We've made great progress on making the UK safer since launching our world-leading £1.9 billion cyber security strategy in 2015," concluded Minister for the Cabinet Office Oliver Dowden.
"Establishing the NCSC was a key part of this and has played a central role in tackling online threats posed by criminals, hacktivists and hostile nation states."
The full report is available here.