The U.K.’s National Cyber Security Centre (NCSC) defended the country from an average of 60 attacks per month during a year which saw its resources proactively focused on the coronavirus response, the organization’s latest Annual Review has revealed.
The NCSC handled 723 incidents between 1 September 2019 and 31 August 2020, with around 200 related to coronavirus. In the previous three years since launching, the center supported an average of 602 incidents annually (590 in 2017, 557 in 2018 and 658 in 2019).
The growth this year reflects ongoing NCSC efforts to proactively identify and mitigate threats, tips the organization receives from its extensive network of partners and reports from victims themselves.
In a year heavily influenced by the pandemic, the review highlights the NCSC’s support for the healthcare sector, such as scanning more than 1 million NHS (the U.K. National Health Service) IP addresses for vulnerabilities leading to the detection of 51,000 indicators of compromise, and working with international allies to raise awareness of the threat of vaccine research targeting.
With cyber criminals looking to exploit public fear over the pandemic with coronavirus-related online scams, the NCSC and the City of London Police also launched the Suspicious Email Reporting Service, which received 2.3 million reports from the public in its first four months – resulting in thousands of malicious websites being taken down.
The NCSC also provided the technical assurances during the creation of the Virtual Parliament, as well as producing a wide range of advice for businesses and individuals switching to home working as a result of the pandemic.
A new remote working scenario was added to the NCSC’s ‘Exercise in a Box’ program. The initiative, which allows people to test their cyber defenses against realistic scenarios was used by people in 125 countries this year.
The growing threat from ransomware is starkly revealed in the review, which discloses that the NCSC handled more than three times as many ransomware incidents compared to last year.
Alongside this rise, there has also been a marked shift in the way criminals carry out these attacks. Traditionally, victims are denied access to their own data until a ransom is paid, however attackers are increasingly threatening to leak sensitive information publicly until payment is received.
The NCSC has also played a bigger role than ever in defending the UK’s political process, assisting with the cybersecurity of a U.K. general election for the second time in its history.
Over the past year, the NCSC shared vital threat intelligence to enable businesses, citizens, and international partners to better defend themselves against malicious activity from hostile states.
An example of this is when the U.K. and its international allies attributed cyber attacks against organisations conducting coronavirus vaccine research to Russia in July, which was complimented with mitigation advice such as enabling two-factor authentication and setting up a security monitoring capability.
The NCSC played a key role the U.K. government’s decision to remove Huawei from the country’s 5G network by the end of 2027, which came after a thorough NCSC review on the impact of U.S. sanctions imposed on the company in May.