NCSC: UK hit by 590 "significant" cyber attacks last year

National Cyber Security Centre celebrates its birthday with a review of its first year of operation

The National Cyber Security Centre (NCSC) responded to 590 "significant attacks", with a total 1,313 cyber incidents reported to theorganisationin its first year.

Of the total security incidents reported to the NCSC, its review said 30 were seen as requiring a "cross-government response process" that includes the massive WannaCry attack that knocked swathes of the NHS offline.

The report revealed a little about how the NCSC's processes work. For the 25 June attack on parliament's emails, the NCSC worked with the parliamentary Digital Service to "investigate, advise and mitigate" the attack, offering support and victim care after thefact, as well as advice on how to use better passwords.

For WannaCry, the NCSC "reacted quickly to offer victim support and advice on the day of the attack", the report claimed, as well as "updating our ransomware guidance". The NCSC also sent experts to Barts Hospital Trust "to provide bespoke advice" suggesting theorganisationdidn't send out any staff to other hospitals. "We continue today to work and support government departments in identifying vulnerabilities and mapping out what data matters and should be backed up," the report added.

The NCSC also worked with local law enforcement to "share accurate and consistent advice with hard to reach groups", with its advice reaching thousands of businesses, helping to stop the spread of the ransomware, the review noted.

The NCSC also crowed about its more proactive work, saying the lifespan of phishing sites fell from 27 hours to less than an hour. Plus, it revealed the launch of four programmes to boost security across the public sector, including blocking 120,000 fake emails via authentication protocol DMARC, blocking malicious redirects for logged in users, offering the Web Check vulnerability scanning service to all government websites, and working with Netcraft on malware and phishing countermeasures.

The NCSC also said it was boosting protections for the Armed Forces. Though the NCSC said much of it "can't be discussed in detail", that work includes encrypting communications and improving their resilience. It's work with the Ministry of Defence also saw it "delivering the next generation of cryptographic products", and helped the Cabinet Office's rollout of Foxhound, a new cross-government IT network for secret-level classified documents.

Alongside its direct security work, the NCSC also ran a series of training activities for supporting and finding young tech talent.

Ciaran Martin, CEO of the NCSC, said in a statement that theorganisationwas "incredibly proud" of what it's achieved in the first year of operations. "But the threat remains very real and growing - further attacks will happen and there is much more for us to do to make the UK the safest place in the world to live and do business online," he said.

Featured Resources

Become a digital service provider

How to transform your business from network core to edge

Download now

Optimal business results with the cloud

Evaluating the best approaches to hybrid cloud adoption

Download now

Virtualisation that enables choices, not compromises

Harness the virtualisation technology that's right for your hybrid infrastructure

Download now

Email security threat report 2020

Four key trends from spear fishing to credentials theft

Download now

Recommended

How LogPoint uses MITRE ATT&CK
Whitepaper

How LogPoint uses MITRE ATT&CK

15 Jan 2021
Weekly threat roundup: Microsoft Defender, Adobe, Mimecast
vulnerability

Weekly threat roundup: Microsoft Defender, Adobe, Mimecast

14 Jan 2021
Mimecast admits hackers accessed users’ Microsoft accounts
Security

Mimecast admits hackers accessed users’ Microsoft accounts

13 Jan 2021
What is public key infrastructure (PKI)?
Security

What is public key infrastructure (PKI)?

12 Jan 2021

Most Popular

What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

12 Jan 2021
150,000 arrest records accidentally deleted from police database
data management

150,000 arrest records accidentally deleted from police database

15 Jan 2021
Can Pat Gelsinger get Intel back on track?
chief executive officer (CEO)

Can Pat Gelsinger get Intel back on track?

13 Jan 2021