Tag: ncsc

723 Serious Cyber Attacks Stopped

The job of the National Cyber Security Centre (NCSC) is to protect the UK against cyber threats, whether that’s from hostile nations and groups or simply criminals.

Since it became operational in 2016, GCHQ’s cyber crime defence centre has defended the UK against 1,167 serious such threats.

The majority of the attacks were carried out by hackers “directed, sponsored or tolerated” by foreign governments, according to NCSC chief executive Ciaran Martin.

“These groups constitute the most acute and direct cyber threat to our national security,” he said.

In these days of coronavirus, NSCSC has also had to help protect scientists working on a vaccine, NHS hospitals, essential infrastructure and more.

The Wannacry ransomware in 2017 did huge damage to the NHS hospitals caught out.

NCSC also work to stamp out phishing and similar scams and what they call ‘high commodity attacks’ including the removal of 138,398 phishing sites between September 2017 and August 2018.

Cyber attacks are increasing in volume, scale and range of targets every year so business and all organisations need to take this seriously and protect themselves accordingly.

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

Government Cyber Security Centre

The National Cyber Security Centre (NCSC) is part of the United Kingdom Government and provides advice and support for the public and private sector in how to avoid computer security threats. It became operational in October 2016, and its parent organisation is GCHQ.

“Helping to make the UK the safest place to live and work online”.

“NCSC support the most critical organisations in the UK, the wider public sector, industry, SMEs as well as the general public. When incidents do occur, we provide effective incident response to minimise harm to the UK, help with recovery, and learn lessons for the future”.

More specifically, the NCSC:

  • understands cyber security, and distils this knowledge into practical guidance made available to all
  • responds to cyber security incidents to reduce the harm caused to organisations and the wider UK
  • uses industry and academic expertise to nurture the UK’s cyber security capability
  • reduces risks to the UK by securing public and private sector networks

 

Year Three Highlight Statistics

  • Handled 658 incidents
  • Provided support to almost 900 victim organisations
  • Produced 154 threat assessments
  • Took down 177,335 phishing URLs, 62.4% of which were removed within 24 hours
  • 8 million visitors to the NCSC’s website
  • Added more than 5,000 new members onto the Cyber Security Information Sharing Partnership
  • Produced 108,411 physical items for 170 customers through the UK Key Production Authority
  • Produced 34 pieces of guidance and 69 blogs
  • Awarded 14,234 Cyber
    Essentials certificates
  • Enabled 2,886 small businesses across the UK to do simulated cyber exercising for themselves
  • Challenged 11,802 girls in the 2019 CyberFirst Girls Competition
  • Engaged with 2,614 students on the NCSC’s CyberFirst courses
  • Supported 250 extra teaching hours of computer science across 4 schools through Cyber Schools Hub activities
  • Delivered, along with sector and law enforcement partners, cyber security awareness and training sessions to more than 2,700 charities 20 countries visited by the NCSC Welcomed visiting delegations from 56 countries Hosted 197 events, with more than 9,000 attendees

Do Share this post on social media – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

 

UK Cyber Security Centre One Year On

In November 2016 the National Cyber Security Centre (NCSC) was created as part of GCHQ and given a mandate to pursue the radical action required to better protect the UK’s interests in cyberspace.

A key strand in this new approach is the NCSC’s Active Cyber Defence (ACD) programme, which aspires to protect the majority of people in the UK from the majority of the harm, caused by the majority of the attacks, for the majority of the time. It is intended to tackle the high-volume commodity attacks that affect people’s everyday lives, rather than the highly sophisticated and targeted attacks, which are dealt with in other ways.

One key intervention is the Takedown Service.

The Takedown Service

This service works by requesting that hosting providers remove malicious content that is pretending to be related to UK government and also certain types of malicious content hosted in the UK.

  • In 2017, we removed 18,067 unique phishing sites across 2,929 attack groups that pretended to be a UK government brand, wherever in the world they were hosted.
  • As a consequence, we have reduced the median availability of a UK government-related phishing site from 42 hours to 10 hours. That means that these sites are available for much less time to do harm to UK citizens. 65.8% of those are down in 24 hours, up from 39% before we started takedowns.
  • In 2017, we removed 121,479 unique phishing sites across 20,763 attack groups physically hosted in the UK, regardless of who it was pretending to be. As a consequence, we have reduced the median availability of a phishing site physically hosted in the UK from 26 hours to 3 hours, again giving them much less time to do harm. 76.8% of those were down in 24 hours, up from 47.3% before NCSC started takedowns.
  • In 2017, we worked with 1,719 compromised sites in the UK that were being used to host 5,111 attacks, intended to compromise the people that visited them. As a consequence, we have reduced the median availability of these compromises from 525 hours to 39 hours.
  • Over the year 2017, the month-by-month volume of each of these has fallen, suggesting that criminals are using the UK government brand less and hosting fewer of their malicious sites in UK infrastructure.
  • In 2017, we notified email providers about 3,243 Advance Fee Fraud attacks, pretending to be related to UK government.
  • In 2017, we stopped several thousand mail servers being used to impersonate government domains and sending malware to people, in the expectation that the government link makes them more realistic. We have also removed a number of deceptive domains that were registered with the sole intention of deceiving people.
  • While the volume of global phishing we can see has gone up significantly (nearly 50%) over the last 18 months, the share hosted in the UK has reduced from 5.5% to 2.9%.

That’s a great first year – keep up the good work.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature

The Government’s New Cyber Security Centre

The government’s National Cyber Security Centre (NCSC), based in Victoria, London, was officially opened by the Queen in early February.

The new boss is Ciaran Martin, who has moved from the agency’s headquarters in Cheltenham.

The NCSC is already busy as it says it has stopped more than a hundred high level cyber attacks in the last few months.

“The cyberattacks we are seeing are increasing in their frequency, their severity, and their sophistication,” chancellor Philip Hammond said ahead of the opening.

“We will help secure our critical services, lead the response to the most serious incidents and improve the underlying security of the internet through technological improvement and advice to citizens and organisations,” Martin said. This will include finding vulnerabilities in public sector websites, stopping spoof emails, and taking down thousands of phishing websites in the UK.

The National Cyber Security Centre has four key objectives outlined in its prospectus.

  1. To Be a Centre of Expertise on Cyber Security

To understand the cyber security environment, share knowledge, and use that expertise to identify and address systemic vulnerabilities. The NCSC will be the centre of government expertise on what is happening in cyberspace.. That knowledge will be used to provide best practice advice and guidance, and to tackle systemic vulnerabilities to enhance cyber security for all.

  1. To Protect the UK

To reduce risks to the UK by working with public and private sector organisations to improve their cyber security. The NCSC will support the most critical organisations in the UK across government and the private sector to secure and defend their networks.

  1. To respond to Cyber Security Incidents

When a serious cyber incident occurs, the NCSC will work with victims to minimise the damage, to help with recovery, and to learn lessons to reduce the chance of recurrence and minimise future impact. At the same time the NCSC will ensure that the wider response of government and law enforcement is well co-ordinated

  1. To Grow the UK Cyber Security Capability

To nurture and grow our national cyber security capability, and provide leadership on critical national cyber security issues. Cyber security and information technology continues to develop and evolve at a rapid pace. As the Centre within government for cyber-knowledge, the NCSC will have the best possible visibility of what is happening today – in terms of threats, vulnerabilities and technology trends. This means cutting edge technical research teams, combining the best of government, industry and academic expertise, scanning the horizon and helping plan for what could challenge us tomorrow. The NCSC will lead the UK’s thinking across the range of initiatives and developments, ensuring that the UK Government, organisations and the public can harness the advantages that new technologies bring in a safe and secure manner.

Let’s hope the new NCSC is up to the job of combatting foreign and domestic hackers, criminals and terrorists.

Do you have an opinion on this matter? Please comment in the box below.