Two year since its launch, NCSC helped the UK against almost 1,200 cyber attacks, most carried out by hostile nation states
The UK’s National Cyber Security Centre (NCSC) has revealed that it helps the country fend off at least ten cyber attacks a week, most of which come from state-sponsored hackers employed by hostile nation states.
This was the surprising admission in the NCSC’s annual review, which revealed the centre had prevented the UK from falling victim to almost 1,200 attacks in the last two years.
The NCSC (part of GCHQ) actually began operations two years ago in October 2016, and it acts as the front-line base for providing government organisations and UK-based businesses with advice on how to defend against cyber threats.
The annual review said that the NCSC had in the period between September 2017 to August 2018, dealt with 557 ‘incidents’.
It has also removed 138,398 unique phishing sites.
Digging deeper into the review it seems that its operatives had defended the UK from 1,167 cyber incidents over the last two years – the majority by hostile states.
“Although the UK is making significant progress in improving our cyber security, that does not mean that we are getting everything right, or that the threat is abating,” said Ciaran Martin, CEO of the National Cyber Security Centre.
“Proof of that – if it were needed – is that in the two years of our existence the NCSC has dealt with well over 1,000 cyber security incidents,” he wrote. “The majority of these incidents were, we believe, perpetrated from within nation states in some way hostile to the UK. They were undertaken by groups of computer hackers directed, sponsored or tolerated by the governments of those countries. These groups constitute the most acute and direct cyber threat to our national security.”
And Martin warned that the UK should expect to be “tested to the full” by a “major incident” (or what the NCSC calls a “Category 1 attack”) in the years ahead.
“Although there have been several very significant incidents, thus far, the UK has avoided a Category 1 – most of our foremost international partners have not,” wrote Martin. “But even if this continues, we must be alert to the constant threat from countries who will attack critically important national networks to steal information for strategic or commercial reasons, and give themselves a starting point – ‘prepositioning’ – for a significant attack in the future.
“That’s why earlier this year, along with the Government of the United States, the NCSC published evidence of Russian pre-positioning on some of our critical sectors, along with detailed technical guidance to business on how to get rid of it from our networks,” he added.
The annual review also made clear the NCSC’s ongoing role in protecting UK’s interests, including critical infrastructure (electricity grids), stopping election interference, and even helping “defending defence” (via more secure procurement and contracting).
“The NCSC has been a critical contributor to F-35 system connectivity and UK network security, enabling Defence Equipment and Support to understand and mitigate risk while ensuring that security policies and international collaborations remain robust to the cyber threat,” it wrote.
Earlier this week, Sky News managed to obtain heavily redacted MoD reports which revealed that the MoD and its partners failed to protect military and defence data in 37 incidents in 2017.
In November 2016, Dr Ian Levy, the technical head of the government’s NCSC said that cybersecurity ran on fear, and the country would be unable to harness the power of new technologies such as the Internet of Things (IoT) and Artificial Intelligence (AI) until cybersecurity fear-mongering was replaced by a statistical and rational approach.
How much do you know about hackers? Take our quiz!