NCSC defends UK against more than 600 cyber attacks

The NCSC says a significant number of incidents continue to come from hostile nation states, which continue to pose strategic national security threats to the UK but are not documented for security reasons.

In the most wide-ranging review yet produced by the NCSC, which is a part of GCHQ, it warns that the most immediate threats to citizens and businesses continue to come from large-scale global cybercrime, which despite often being low in sophistication threaten the UK’s economic prosperity and way of life.

Over the period of the review, the NCSC dealt with 658 incidents, bringing the total number to almost 1,800 since the centre was established in 2016.

Minister for the Cabinet Office Oliver Dowden said: “We’ve made great progress on making the UK safer since launching our world-leading £1.9 billion cyber security strategy in 2015. Establishing the NCSC was a key part of this and has played a central role in tackling online threats posed by criminals, hacktivists and hostile nation states.”

NCSC chief executive Ciaran Martin added: “This review gives a real insight into the breadth of outstanding work done by the NCSC and underlines why we are a world leader in cyber security.

“From handling more than 600 incidents – many from hostile nation states – to equipping the public with the tools they need to stay safe online, we are employing our expertise on a number of fronts.”

Among the initiatives highlighted by the NCSC is a pioneering operation to stop hundreds of thousands of people losing money to credit card fraud. As a result of Operation Haulster, “fraudulent intention” against more than a million credit cards was automatically flagged to banks, in the majority of cases before a crime had taken place.

The NCSC has also played a key role in protecting the democratic process. The organisation meets with UK political parties every three months and regularly gives cyber security advice to Parliamentarians, and during this year’s local and European elections provided parties with guidance on risks and advice on protecting people and systems.

The review also highlights the success of the Active Cyber Defence (ACD) programme. “ACD is the NCSC’s world-leading, bold, interventionist approach that stops millions of cyber attacks from ever happening,” says the review.

“ACD features a number of pioneering programmes, such as the Takedown Service, which finds malicious sites and sends notifications to the host to get them removed. Thanks to this service, 98 per cent of phishing URLs discovered to be malicious were taken down, a total of 177,335 phishing URLs. Of those, 62.4 per cent were removed in the first hour.”

The review also underlines the NCSC’s commitment to sharing as much threat information as possible in real time, in the form of the new Indicator of Compromise (IoC) machine.

“Previously it has taken several hours for officials to be able to share information relating to threats to the UK, but the IoC machine can identify what can be shared in a matter of seconds – though the final decision still lies with a person,” says the NCSC.

Talal Rajab, head of Cyber and National Security at industry representative body techUK, said the review outlines the “persistent and varied nature of cyber threats from state sponsored attacks to lower level, unsophisticated attacks targeting individual citizens”.

“The NCSC continues to grow in scale and influence, mitigating against a vast range of cyber challenges facing UK citizens and businesses,” he added.

“The fact that NCSC has this year responded to 658 incidents demonstrates that cyber security remains a threat on all fronts, which requires increased preparedness and resilience. Whilst the NCSC is playing its vital supporting role here, it is ultimately down to businesses and citizens to practice good cyber hygiene which thwart the majority of attacks.”