NCSC blocked over 600 cyber attacks against UK businesses in 2019

Agency's third annual report highlights ongoing threat of malicious nation-state actors

The UK's national cyber security agency has said it defended against 658 cyber attacks against UK businesses and organisations over the past year.

The figures came as part of the NCSC's annual review, which looked at the organisation's work between 1 September 2018 and 31 August 2019. Since forming in 2016, the latest figures now bring the total number of thwarted attacks against UK targets to 1,800, with a large number of those coming from malicious state actors.

One of its first major projects of 2019 was supporting the joint efforts of the UK and Dutch government's to expose Russia's military intelligence agency, the GRU, which was conducting cyber attacks on political institutions, businesses, media and sporting organisations.

As part of its work, the NCSC said it also took down 177,335 phishing URLs over the last year. As a result, the country's share of visible phishing websites is now down to just 2% as of August 2019.

The agency said it aims to develop, operate and maintain world-class technical security capabilities to counter these threats from the country's most capable adversaries.

Advertisement - Article continues below
Advertisement - Article continues below

"We've made great progress on making the UK safer since launching our world-leading 1.9 billion cyber security strategy in 2015," said Minister for the Cabinet Office Oliver Dowden. "Establishing the NCSC was a key part of this and has played a central role in tackling online threats posed by criminals, hacktivists and hostile nation states."

NCSC chief executive Ciaran Martin said the review "gives a real insight into the breadth of outstanding work done by the NCSC and underlines why we are a world leader in cyber security".

"From handling more than 600 incidents many from hostile nation states to equipping the public with the tools they need to stay safe online, we are employing our expertise on a number of fronts. I am proud to lead this organisation and optimistic that, in a constantly evolving landscape, we can help make this the safest country to live and work online."


NCSC took down 177,335 phishing URLs over the course of the year with 62.4% of those removed within 24 hours. As of August 2019, the UK's share of these attacks has been reduced to 2%.

Part of the NCSC's strategy for reducing cyber attacks is realised through its 'Active Cyber Defence (ACD)' initiative that empowers businesses and organisations to take more responsibility with cyber security.

Advertisement - Article continues below

"The ultimate goal for Active Cyber Defence is for there to be fewer cyber attacks in the world, causing less harm," the report said. "It represents a significant step-change in the country's approach to cyber security, because of its voluntary, non-regulatory, non-statutory approach delivered in partnership with central government, local government and business."

In 2016, HMRC was the 16th most targeted organisation in the world for phishing scams, according to the report. In Sept 2019, as a result of ACD services and HMRC's own countermeasures, its ranking had dropped to 126.

Hostile states

Since it formed in 2016, the NCSC says it has handled almost 1,800 cyber attacks with 658 of those taking place between 1 September 2018 to 31 August 2019. It also says that a significant number of these have come from hostile nations state actors, such as Russia, China, Iran and North Korea.

The NCSC said it knows more than ever before about its cyber foes thanks to its network of international partners. Last year, the organisation's CEO Ciaran Martin said that the UK had yet to see any major attack from a state-sponsored actor, but warned that a "category one attack" was coming.

The most famous of these state actors is the group known as APT28, or Fancy Bear, which has been linked to many high profile incidents in recent years, such as the cyber attack on the 2018 Winter Olympics, the massive power outage to the Ukranian city Kiev and most notoriously, it's alleged involvement in the 2016 US presidential elections.

Card Fraud

The NCSC thwarted more than one million cases of suspected payment card fraud in its third year. This was done through 'Operation Haulster' which sought to uncover which payment cards were being targeted by online fraudsters.

Advertisement - Article continues below

"Where payment fraud was historically driven by card cloning, it has since migrated to transactions where the card does not need to be present, such as online purchases," said Caroline Hermon, head of AI at SAS UK & Ireland. "While it is true that this provides the customer with a more seamless experience, it also aids fraudsters by helping them access funds through illicit transactions and gives banks less time to detect fraudulent activity."

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now


internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020

Windows 10 and the tools for agile working

20 Jan 2020
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020