The Daily Swig Web security digest

NCSC tackles nearly 600 ‘significant’ attacks in first year of ops

James Walker | 05 October 2017 at 13:00

One year on since its creation, the UK’s new cybersecurity agency is doubling down on efforts to protect the country against future digital attacks.

The UK’s National Cyber Security Centre (NCSC) celebrated its first anniversary yesterday, with the group stating its InfoSec experts received 590 “significant” incident reports over the past year.

Coinciding with the group’s anniversary, the NCSC – which was established as the cybersecurity division of UK security body GCHQ in October 2016 – published its first annual review, which shines new light on the work being done to fight cybercrime.

While it acknowledged there is still “much work” to be done, in its first 12 months the organization said it had prevented thousands of attacks and managed hundreds of incidents.

“In our first year, we responded to 590 significant attacks, ranging from attacks on key national institutions like that National Health Service (NHS) and the UK and Scottish Parliaments, through to attacks on large and small businesses and other organizations,” said NCSC chief executive Ciaran Martin.

A cornerstone of the UK government’s National Cyber Security Strategy, the creation of the NCSC brought together previously separate parts of the government, MI5 and GCHQ to create a single lead authority on UK cybersecurity.

In its first year, the group launched the Active Cyber Defence, which it said has prevented thousands of attacks and reduced the average time a phishing site is online from 27 hours to one hour.

It also produced 200,000 protective items to help secure the communication systems of the country’s armed forces and national security community.

The biggest test of the year for NCSC was leading the UK response to the global WannaCry incident, which hit hundreds of thousands of PCs around the world and affected 47 NHS trusts in May.

The NCSC also cited the cyber attack on UK Parliament over the summer as typical of the incidents that fell within its remit.

“In an increasingly digital world, cyber is playing an ever more important part in our daily lives and in the UK’s approach to security,” said GCHQ director, Jeremy Fleming. “The threats to the UK are evolving rapidly as technology advances. Our response has been to transform to stay ahead of them.”

While the NCSC report takes stock of the organization’s successful first year of operation, the group was quick to underline the ever-growing threats across the UK’s digital landscape.

“Cyber security is crucial to our national security and to our prosperity,” Martin stated. “We’re incredibly proud of what we have achieved in our first year at the National Cyber Security Centre, bringing together some of the best cyber security brains in the country in a single place.

“But the threat remains very real and growing. Further attacks will happen and there is much more for us to do to make the UK the safest place in the world to live and do business online.”