NCSC: UK hit by 590 "significant" cyber attacks last year

National Cyber Security Centre celebrates its birthday with a review of its first year of operation

The National Cyber Security Centre (NCSC) responded to 590 "significant attacks", with a total 1,313 cyber incidents reported to theorganisationin its first year.

Of the total security incidents reported to the NCSC, its review said 30 were seen as requiring a "cross-government response process" that includes the massive WannaCry attack that knocked swathes of the NHS offline.

Advertisement - Article continues below

The report revealed a little about how the NCSC's processes work. For the 25 June attack on parliament's emails, the NCSC worked with the parliamentary Digital Service to "investigate, advise and mitigate" the attack, offering support and victim care after thefact, as well as advice on how to use better passwords.

For WannaCry, the NCSC "reacted quickly to offer victim support and advice on the day of the attack", the report claimed, as well as "updating our ransomware guidance". The NCSC also sent experts to Barts Hospital Trust "to provide bespoke advice" suggesting theorganisationdidn't send out any staff to other hospitals. "We continue today to work and support government departments in identifying vulnerabilities and mapping out what data matters and should be backed up," the report added.

The NCSC also worked with local law enforcement to "share accurate and consistent advice with hard to reach groups", with its advice reaching thousands of businesses, helping to stop the spread of the ransomware, the review noted.

Advertisement - Article continues below
Advertisement - Article continues below

The NCSC also crowed about its more proactive work, saying the lifespan of phishing sites fell from 27 hours to less than an hour. Plus, it revealed the launch of four programmes to boost security across the public sector, including blocking 120,000 fake emails via authentication protocol DMARC, blocking malicious redirects for logged in users, offering the Web Check vulnerability scanning service to all government websites, and working with Netcraft on malware and phishing countermeasures.

The NCSC also said it was boosting protections for the Armed Forces. Though the NCSC said much of it "can't be discussed in detail", that work includes encrypting communications and improving their resilience. It's work with the Ministry of Defence also saw it "delivering the next generation of cryptographic products", and helped the Cabinet Office's rollout of Foxhound, a new cross-government IT network for secret-level classified documents.

Alongside its direct security work, the NCSC also ran a series of training activities for supporting and finding young tech talent.

Advertisement - Article continues below

Ciaran Martin, CEO of the NCSC, said in a statement that theorganisationwas "incredibly proud" of what it's achieved in the first year of operations. "But the threat remains very real and growing - further attacks will happen and there is much more for us to do to make the UK the safest place in the world to live and do business online," he said.

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Putting a spotlight on cyber security

An examination of the current cyber security landscape

Download now

The economics of infrastructure scalability

Find the most cost-effective and least risky way to scale

Download now

IT operations overload hinders digital transformation

Clearing the path towards a modernised system of agreement

Download now



University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020
Policy & legislation

Senators propose a bill aimed at ending warrant-proof encryption

24 Jun 2020

Most Popular


How to find RAM speed, size and type

24 Jun 2020
data protection

EU institutions told to avoid Microsoft software after licence spat

3 Jul 2020

Microsoft releases urgent patch for high-risk Windows 10 flaws

1 Jul 2020