The National Cyber Security Centre (NCSC) has helped UK organisations fight over 600 cyber attacks over the course of the last year, with hostile nation-states blamed for a ‘significant’ number of the attempts at hacking UK-based targets.
The NCSC Annual Review 2019 sheds a light on some of the work the cyber arm of GCHQ has done over the last year to help protect the UK from malicious cyber activity and reveals that it handled 658 incidents in the last 12 months, providing support to almost 900 victims of cyber attacks.
Some of the cyber attacks which have targeted the UK in the past year include a phishing scam posing as an airport refund email which attempted to defraud over 200,000 people, nation-state backed hackers attempting to steal intellectual property from universities, a ransomware attack against the police.
It takes the total number of cyber incidents the NCSC has dealt with since it opened its doors in 2016 to almost 1,800 as cyber criminals and other malicious threat groups continue to target the UK.
For the first time, the NCSC has detailed the sectors which has been most commonly called on to support in reaction to incidents. Government is the top target for cyber attacks, followed by academia and tech companies. Managed service providers are the fourth most common organisations which the NCSC has helped with cyber incidents, followed by transport and health in joint fifth place.
“From handling more than 600 incidents – many from hostile nation states – to equipping the public with the tools they need to stay safe online, we are employing our expertise on a number of fronts,” said Ciaran Martin, chief executive of the NCSC.
SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)
The report lists Russia, China, Iran and North Korea as hostile states actively targeting the UK with cyber attacks, following the NCSC strategy of calling out countries conducting attacks.
The NCSC is also trying to keep individual users safe from cyber attacks and has revealed one way it has been doing so is with something called the Haulster operation which automates defence of credit cards by flagging fraudulent intention against them.
Haulster takes stolen credit card data collected by the NCSC and its partners and returns information about them to banks – often before being used for crime, allowing financial institutions to protect users from their money being stolen. So far, this operation has flagged fraudulent information against a million stolen credit cards and the NCSC aims to increase the scope of the operation.
The NCSC also continued with its policy of Active Cyber Defence (ACD), a strategy designed to ensure there are fewer cyber attacks in the world, causing less harm to users in the UK and beyond in the process.
A major element of this is a takedown service which stops phishing and other malicious websites from operating as soon as possible by contacting the web host and getting the sites removed from the internet.
According to the annual report, 98% of phishing URLs – 177,335 of them – discovered by the takedown service were successfully forced to stop operating. In 62% of cases, this happened within 24 hours of the website being deemed to be malicious.
The fight against these malicious domains means the UK only accounts for 2% of the websites hosting phishing scams around the world – down from 3% last year and 5% when the NCSC started operating.
However, despite a number of successes from the NCSC, the organisation isn’t under any illusion that the fight against cyber attacks and hacking is anywhere near over – and that everyone has a part to play in battle.
“Looking ahead, there is also the risk that advanced cyber attack techniques could find their way into the hands of new actors, through proliferation of such tools on the open market,” said Martin.
“Cyber security has moved away from the exclusive prevail of security and intelligence agencies towards one that needs the involvement of all of government, and indeed all of society,” he added.
READ MORE ON CYBER SECURITY