NCSC blocked over 600 cyber attacks against UK businesses in 2019
Agency's third annual report highlights ongoing threat of malicious nation-state actors
The UK's national cyber security agency has said it defended against 658 cyber attacks against UK businesses and organisations over the past year.
The figures came as part of the NCSC's annual review, which looked at the organisation's work between 1 September 2018 and 31 August 2019. Since forming in 2016, the latest figures now bring the total number of thwarted attacks against UK targets to 1,800, with a large number of those coming from malicious state actors.
One of its first major projects of 2019 was supporting the joint efforts of the UK and Dutch government's to expose Russia's military intelligence agency, the GRU, which was conducting cyber attacks on political institutions, businesses, media and sporting organisations.
As part of its work, the NCSC said it also took down 177,335 phishing URLs over the last year. As a result, the country's share of visible phishing websites is now down to just 2% as of August 2019.
The agency said it aims to develop, operate and maintain world-class technical security capabilities to counter these threats from the country's most capable adversaries.
"We've made great progress on making the UK safer since launching our world-leading 1.9 billion cyber security strategy in 2015," said Minister for the Cabinet Office Oliver Dowden. "Establishing the NCSC was a key part of this and has played a central role in tackling online threats posed by criminals, hacktivists and hostile nation states."
NCSC chief executive Ciaran Martin said the review "gives a real insight into the breadth of outstanding work done by the NCSC and underlines why we are a world leader in cyber security".
"From handling more than 600 incidents many from hostile nation states to equipping the public with the tools they need to stay safe online, we are employing our expertise on a number of fronts. I am proud to lead this organisation and optimistic that, in a constantly evolving landscape, we can help make this the safest country to live and work online."
NCSC took down 177,335 phishing URLs over the course of the year with 62.4% of those removed within 24 hours. As of August 2019, the UK's share of these attacks has been reduced to 2%.
Part of the NCSC's strategy for reducing cyber attacks is realised through its 'Active Cyber Defence (ACD)' initiative that empowers businesses and organisations to take more responsibility with cyber security.
"The ultimate goal for Active Cyber Defence is for there to be fewer cyber attacks in the world, causing less harm," the report said. "It represents a significant step-change in the country's approach to cyber security, because of its voluntary, non-regulatory, non-statutory approach delivered in partnership with central government, local government and business."
In 2016, HMRC was the 16th most targeted organisation in the world for phishing scams, according to the report. In Sept 2019, as a result of ACD services and HMRC's own countermeasures, its ranking had dropped to 126.
Since it formed in 2016, the NCSC says it has handled almost 1,800 cyber attacks with 658 of those taking place between 1 September 2018 to 31 August 2019. It also says that a significant number of these have come from hostile nations state actors, such as Russia, China, Iran and North Korea.
The NCSC said it knows more than ever before about its cyber foes thanks to its network of international partners. Last year, the organisation's CEO Ciaran Martin said that the UK had yet to see any major attack from a state-sponsored actor, but warned that a "category one attack" was coming.
The most famous of these state actors is the group known as APT28, or Fancy Bear, which has been linked to many high profile incidents in recent years, such as the cyber attack on the 2018 Winter Olympics, the massive power outage to the Ukranian city Kiev and most notoriously, it's alleged involvement in the 2016 US presidential elections.
The NCSC thwarted more than one million cases of suspected payment card fraud in its third year. This was done through 'Operation Haulster' which sought to uncover which payment cards were being targeted by online fraudsters.
"Where payment fraud was historically driven by card cloning, it has since migrated to transactions where the card does not need to be present, such as online purchases," said Caroline Hermon, head of AI at SAS UK & Ireland. "While it is true that this provides the customer with a more seamless experience, it also aids fraudsters by helping them access funds through illicit transactions and gives banks less time to detect fraudulent activity."