‘Cyberattackers are doing the same things over and over – and too often getting through’
National Cyber Security Centre chief celebrates achievements of past year but stresses work still to be done
Credit: Stefan Rousseau/PA Archive/PA Images
As the National Cyber Security Centre publishes its third annual report, its chief executive Ciaran Martin has expressed pride in the organisation’s achievements to date but stressed how much work remains to be done to inculcate basic security measures.
Published today, the report reveals that, in the 12-month period to 31 August 2019, the NCSC dealt with 658 cyber incidents. The running total since the organisation was founded three years ago stands at about 1,800 – indicating that, in volume at least, the cyberthreat landscape remains fairly consistent.
Speaking at an event held this morning at NCSC headquarters to launch the report, Martin (pictured above) said that the document constitutes “a three-year record of strong, practical success”.
Number of cyber incidents dealt with by the NCSC in the past year
Number of victims of cyberattacks that received NCSC support
Government, academia, and IT
The three sectors that required the most incident-management support
Number of malicious phishing URLs taken down during the year – equating to 98% of the total that were discovered
Examples of the impact of the NCSC cited by Martin include “stopping more than one million credit cards from being used by cybercriminals”, and the recent collaboration with the US National Security Agency to expose the activities of Russian hacking group Turla, which had been masking its attacks by posing as a similar Iranian group.
But the NCSC chief said that such successes are only “part one” of the story of the agency’s activities over the past year. The second part of the tale is the familiar challenges it continues to face.
“Some attackers are still doing the same things over and over again, and too often they are getting through,” Martin said. “There are things you and I can do – and that organisational leaders can do – to get ahead of the problem. All of us can use sensible, practical measures – [such as] two-factor authentication and back-ups. All organisations can scan for vulnerabilities, and have strategies to counter phishing attacks. Do that, and so much of the problem goes away, and we can focus on the big problems of the future.”
During the last year, the NCSC supported almost 900 organisations that had fallen victim to cyberattack. For the first time, the agency has revealed which sectors required the most support over the year.
Government needed by far the most attention from NCSC incident-management professionals, with academia second on the list, followed by IT companies and managed services providers. The transport and health sectors were in joint fifth place.
Minister says input will be welcomed from all stakeholders
The public sector must focus not only on attacks, but on how it responds and recovers from them, Zerto and Cyber Security Scotland told attendees at the recent Local Government ICT Summit
Government attributes 2018 campaign to Moscow and claims more assaults were planned for cancelled 2020 summer games
At the end of a challenging year, local government chiefs discuss the impact on digital and data
Studies have shown that an engaged employee is happier, more productive, and more committed to their job. So how can we encourage employee engagement? Trickle suggests innovative solutions ...
2020 has been a year of unprecedented change for the UK public sector. Today’s agile working technology enables you to meet citizen needs in this challenging operating environment by empower your...
Organisations need to understand that a single cybersecurity solution alone is not infallible and instead should move towards a multi-layered approach to security, according to experts from...