IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

NCSC blocks millions of cyber attacks launched against UK

But hackers will respond with fresh ways to target businesses and citizens, body warns

Cyber criminals will change their tactics in response to the National Cyber Security Centre's (NCSC's) success in blocking millions of attacks against UK businesses over the last year, the organisation's director warned today.

In a report entitled Active Cyber Defence - One Year On', the GCHQ-led agency today detailed the success it has had in reducing cybercrime against businesses and citizens since it introduced its four Active Cyber Defence (ACD) programmes a year ago, under the government's National Cyber Security Strategy.

These four programmes are aimed at improving UK security by checking public body websites' security, blocking fake emails, thwarting phishing attacks and stopping public sector bodies' IT systems from landing on malicious websites.

As a result, the UK's share of visible global phishing attacks has almost halved since the measures began a year ago, dropping from 5.3% in June 2016 to 3.1% November 2017, according to the report. The organisation also blocked an average 4.5 million malicious emails per month from reaching users, and carried out more than one million security scans and seven million security tests on public sector websites.

Additionally, the NCSC removed 121,479 UK-hosted phishing sites, 18,067 of which were spoofing UK government services. As a result, the average time it took to take down sites spoofing government services dropped from 42 hours to 10 hours, it said.

ACD has also accommodated for a dramatic drop of scam emails from bogus @gov.uk' accounts, the report said, with a total of 515,658 rejected over the year.

NCSC technical director Ian Levy said: "The ACD programme intends to increase our cyber adversaries' risk and reduces their return on investment to protect the majority of people in the UK from cyber attacks. The results are positive, but there is a lot more work to be done."

However, he warned that the programmes' success will see attackers alter their tactics.

"The successes we have had in our first year will cause attackers to change their behaviour and we will need to adapt," he said. "Our measures seem to already be having a great security benefit - we now need to incentivise others to do similar things to scale up the benefits to best protect the UK from commodity cyberattacks in a measurable way."

The NCSC's report also listed the 10 most-spoofed government departments, revealing that HMRC is the most targeted, with 16,064 fake websites taken down. Also on the list are the DVLA, the Student Loans Company and the Crown Prosecution Service.

The report comes after UK defence secretary Gavin Williamson warned that a cyber attack by Russia could cripple Britain's infrastructure and cause "thousands and thousands and thousands of deaths". The NCSC's head, Ciaran Martin, had earlier claimed that an attack on the UK's energy infrastructure or election process "is a matter of when, not if".

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

A guide to cyber security certification and training
Careers & training

A guide to cyber security certification and training

16 Jun 2022
World’s biggest four-day working week trial kicks off in UK
flexible working

World’s biggest four-day working week trial kicks off in UK

6 Jun 2022
Pushing cloud AI closer to the edge
machine learning

Pushing cloud AI closer to the edge

1 Jun 2022
Europe's tech sector struggles to find employees with AI skills
Careers & training

Europe's tech sector struggles to find employees with AI skills

25 Apr 2022

Most Popular

The UK's best cities for tech workers in 2022
Business strategy

The UK's best cities for tech workers in 2022

24 Jun 2022
LockBit 2.0 ransomware disguised as PDFs distributed in email attacks
Security

LockBit 2.0 ransomware disguised as PDFs distributed in email attacks

27 Jun 2022
Salaries for the least popular programming languages surge as much as 44%
Development

Salaries for the least popular programming languages surge as much as 44%

23 Jun 2022