Ransomware “most acute threat” faced by UK, says NCSC chief exec
Cybersecurity threats against the UK have evolved “significantly” over the last year, according to the National Cyber Security Centre (NCSC).
Statistics from the NCSC Annual Review published this week highlight the growing range of threats faced by both businesses and the UK public.
In particular, the report found that ransomware continues to pose a serious threat, with NCSC CEO Lindy Cameron describing it as the “most acute threat that businesses and organisations in the UK face”.
“These attacks have genuine real-world consequences and are a reminder to all organisations of the importance of taking the important mitigation measures set out in our guidance,” Cameron added.
Across the year, the NCSC assisted in 18 ransomware incidents which required a “nationally coordinated” response. Among these were attacks on a supplier to NHS 111 and a water utility company, South Staffordshire Water.
In total, the NCSC said it managed the response to “hundreds of incidents” throughout the year, 63 of which were “nationally significant”.
Through March 2022, the NCSC issued more than 34 million alerts warning organisations of potential security threats through its Early Warning service.
The centre noted that the service is playing a vital role in bolstering cyber resilience across the country and helping to keep businesses informed.
In fact, the NCSC experienced a 90% year-on-year increase in organisations signing up for the service.
According to the NCSC, “most of the British public” is now likely to encounter low-sophistication cybercrime, including commodity attacks.
These attacks typically harness phishing techniques or malware to scam the public and businesses.
More than 2.1 million cyber-enabled commodity campaigns were removed by the NCSC’s takedown service last year, figures show.
Notably, the “most significant threat” facing citizens continues to be from cybercriminal techniques such as phishing. Official figures show there were 2.7m instances of cyber-related fraud in the 12 months to March 2022.
“Phishing emails continue to be a successful attack vector for criminals,” the report stated. “In many cases, these attacks are designed to mimic those online services that people use and often trust.”
Over the last year, Covid and the Russian invasion of Ukraine have been prominent themes used by criminals to dupe the public, the NCSC said. And more recently, cybercriminals have capitalised on the cost-of-living crisis to target citizens.
For example, the energy regulator Ofgem has been used as a lure for more than 50 phishing campaigns aimed at harvesting financial credentials.
While the NCSC provides a range of vital services, it also relies on support and engagement from businesses and the public.
The Centre’s Suspicious Email Reporting Service (SERS) has experienced a 20% YoY increase in reports, the review shows.
Across the last year, 6.5 million reports were filed with the service, which led to the removal of around 62,000 scam URLs.
According to Lindy Cameron, the “most profound change” in the cybersecurity landscape over the last year came with Russia’s invasion of Ukraine. The February invasion prompted an increase in global cyber threats and posed challenges for the international community.
“The return of war to Europe presented a unique set of challenges in cyberspace for the NCSC, our partners and our allies,” she explained. “We have been part of a huge effort to ensure UK organisations, critical infrastructure and the whole of society are as resilient as they can be.”
The release of the NCSC Annual Review follows details on the extent of the UK Government’s cyber support for Ukraine since the onset of the conflict.
Earlier this week, the government revealed it has been providing expert cybersecurity support for Ukrainian authorities through the Ukraine Cyber Programme.
The £6.35m initiative has provided Ukraine with vital support to counter the intense wave of Russian cyber-attacks against critical infrastructure and public services.
Cameron hailed the programme as a success.
“As well as keeping the UK safe, I am proud of the role the NCSC played, in conjunction with FCDO, in supporting the Ukrainian authorities’ staunch cyber defence in the face of Russian hostility,” she said.
“These efforts were shown to have been highly successful in protecting the Ukrainians against Russian cyber-attacks and raising their general cyber resilience.”
DIGIT Expo 2022 | Join the Conversation
DIGIT Expo is Scotland’s largest gathering of senior technology personnel and an unmissable opportunity for knowledge exchange, networking and business opportunity.
The conference will feature an array of tech leaders, innovators and world-class speakers exploring key themes such as AI, DevOps, cyber security, digital leadership, cloud computing, Web3 and data innovation.
Find out more at: www.digit-expo.com