The UK is endangered by at least ten cyber incidents every week, according to the National Cyber Security Centre (NCSC).
Since its launch two years ago, the cyber defence centre has prevented almost 1,200 attacks, with a significant number of these being carried out by state-sponsored hackers.
The NCSC’s second annual review highlights the growing cybersecurity threats faced by the UK, with a particular focus on the “sustained threat” of hostile state actors.
The NCSC did not disclose which countries were behind these cyber attacks, nor did it detail which methods they predominately use. In the review, however, it said cybersecurity experts had prevented approximately 1,167 incidents over a period of two years.
The head of the NCSC, Ciaran Martin, identified Russia as a particular danger to the UK’s cybersecurity defences. Last year, Martin said that the Russian regime was actively working to disrupt companies in the UK’s telecommunications and energy industries.
“We are calling out unacceptable behaviour by hostile states and giving our businesses the specific information they need to defend themselves,” he said.
The security chief has also been outspoken over North Korean cyber activities in the last 12-months. The UK Government officially blamed North Korea for the devastating WannaCry attack which crippled a number of organisations in the UK; including the NHS.
The repercussions of this attack were detailed in a recent report by the Department of Health and Social Care, which highlighted the massive financial impact of both resolving these issues and the subsequent improvements to NHS security standards.
In response to growing international threats, Martin said the centre was working to secure critical national infrastructure. His predictions for the future, however, were bleak. Martin said there was “little doubt” that the UK would be “tested to the full” by an incident in the near future.
“As we move into our third year, a major focus of our work will be providing every citizen with the tools they need to keep them safe online,” he said. “I’m confident that the NCSC will continue to provide the best line of defence in the world to help the UK thrive in the digital age.”
NCSC Annual Review
This announcement comes after the NCSC revealed a cybersecurity “Code of Practice” for consumer IoT products on Monday 15th October. In this, the centre suggested British businesses and consumers are increasingly at risk of cyber attacks due to substandard security.
As well as combating cyber attacks from hostile state actors, the review highlights the centre’s growing role in preventing phishing attacks. Between mid-2017 and 2018, the NCSC has shut down websites and domains used in phishing attacks, which has led to the closure of almost 140,000 sites that were designed to mimic banks, businesses and government agencies.
Initiatives led by the NCSC have helped mark legitimate government domains, which have played a crucial role in cracking down on email-borne threats. Additionally, tools produced by the centre have allowed companies and organisations to identify vulnerabilities.