NCSC blocks millions of cyber attacks launched against UK

But hackers will respond with fresh ways to target businesses and citizens, body warns

Cyber criminals will change their tactics in response to the National Cyber Security Centre's (NCSC's) success in blocking millions of attacks against UK businesses over the last year, the organisation's director warned today.

In a report entitled Active Cyber Defence - One Year On', the GCHQ-led agency today detailed the success it has had in reducing cybercrime against businesses and citizens since it introduced its four Active Cyber Defence (ACD) programmes a year ago, under the government's National Cyber Security Strategy.

These four programmes are aimed at improving UK security by checking public body websites' security, blocking fake emails, thwarting phishing attacks and stopping public sector bodies' IT systems from landing on malicious websites.

As a result, the UK's share of visible global phishing attacks has almost halved since the measures began a year ago, dropping from 5.3% in June 2016 to 3.1% November 2017, according to the report. The organisation also blocked an average 4.5 million malicious emails per month from reaching users, and carried out more than one million security scans and seven million security tests on public sector websites.

Additionally, the NCSC removed 121,479 UK-hosted phishing sites, 18,067 of which were spoofing UK government services. As a result, the average time it took to take down sites spoofing government services dropped from 42 hours to 10 hours, it said.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

ACD has also accommodated for a dramatic drop of scam emails from bogus @gov.uk' accounts, the report said, with a total of 515,658 rejected over the year.

NCSC technical director Ian Levy said: "The ACD programme intends to increase our cyber adversaries' risk and reduces their return on investment to protect the majority of people in the UK from cyber attacks. The results are positive, but there is a lot more work to be done."

However, he warned that the programmes' success will see attackers alter their tactics.

"The successes we have had in our first year will cause attackers to change their behaviour and we will need to adapt," he said. "Our measures seem to already be having a great security benefit - we now need to incentivise others to do similar things to scale up the benefits to best protect the UK from commodity cyberattacks in a measurable way."

The NCSC's report also listed the 10 most-spoofed government departments, revealing that HMRC is the most targeted, with 16,064 fake websites taken down. Also on the list are the DVLA, the Student Loans Company and the Crown Prosecution Service.

Advertisement - Article continues below

The report comes after UK defence secretary Gavin Williamson warned that a cyber attack by Russia could cripple Britain's infrastructure and cause "thousands and thousands and thousands of deaths". The NCSC's head, Ciaran Martin, had earlier claimed that an attack on the UK's energy infrastructure or election process "is a matter of when, not if".

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Recommended

Visit/careers/28212/a-guide-to-cyber-security-certification-and-training
Careers & training

A guide to cyber security certification and training

13 Jan 2020
Visit/email-clients/19598/hotmail-outlookcom-upgrades-your-questions-answered
Software

Hotmail.co.uk migration to Outlook.com: Qs answered

11 Nov 2019
Visit/careers/28219/it-manager-job-description-what-does-an-it-manager-do
Careers & training

IT manager job description: What does an IT manager do?

28 Oct 2019
Visit/business-strategy/31780/the-it-pro-panel
Business strategy

The IT Pro Panel

28 Oct 2019

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/operating-systems/microsoft-windows/354526/memes-and-viking-funerals-the-internet-reacts-to-the
Microsoft Windows

Memes and Viking funerals: The internet reacts to the death of Windows 7

14 Jan 2020
Visit/network-internet/broadband/354530/openreach-offers-free-full-fibre-installation-for-thousands-of
broadband

Openreach offers free full-fibre installation for thousands of homes

14 Jan 2020