NCSC picks IoT, cloud, and cryptojacking among UK plc’s biggest future threats
Cybersecurity agency issues report looking forward to coming dangers and back at year in which DDoS and ransomware hogged the headlines
Cryptojacking attacks, the internet of things, and cloud-security challenges are among the biggest future threats facing UK businesses, a government report has claimed.
To mark the start of the National Cyber Security Centre’s annual CYBERUK event, which takes place this week in Manchester, the NCSC and the National Crime Agency have jointly published a report titled The Cyber threat to UK business. The study picks out the four key trends in cybercrime that have defined the last 12 months: ransomware and distributed denial-of-service attacks; data breaches; supply-chain compromises; and fake news and information operations.
“With attackers able to achieve many of their aims by using techniques that are not particularly advanced, the distinction between nation states and cyber criminals has blurred, making attribution all the more difficult,” the report said.
The study added that some of the biggest attacks perpetrated last year – in particular the WannaCry assault – showed the physical dangers posed by online threats.
“The WannaCry ransomware attack in May spread rapidly and randomly due to its use of a self-replicating worm,” the report said. “The attack demonstrated the real-world harm that can result from cyberattacks, particularly when they are designed to self-replicate and spread.”
- NHS, local government, and ICO impacted by cryptojacking attack
- Major cyberattack on UK likely in next two years, warns NCSC chief
- Does the UK need an IoT regulator?
For the 2018/19 year and beyond, the NCSC and the NCA have picked out six key future threats: data breaches and legislation; cryptojacking; supply-chain compromises; increased use of worms; internet of things; and cloud security.
“Criminals are highly likely to continue to exploit long-standing and well-known vulnerabilities in victim infrastructure,” the report said. “We expect to see a continuation of cryptojacking and supply-chain attacks, and an increasingly diverse range of ransomware variants.”
Donald Toon, director of the NCA’s prosperity command, said that businesses need to work with police and government to help combat the ever-increasing cyberthreat.
“UK business faces a cyberthreat which is growing in scale and complexity,” he said. “Organisations which don’t take cybersecurity extremely seriously in the next year are risking serious financial and reputational consequences. By increasing collaboration between law enforcement, government, and industry we will make sure the UK is a safe place to do business and a hostile zone for cyber criminals.”
Look out on PublicTechnology this week for more news and analysis from the CYBERUK event.
Government announces it will enter into discussions over rules allowing workers to disconnect from remote systems and shun late-night emails
Consultation launched on possible expansion of NIS regulations
Joanna Davinson, executive director of the Central Digital and Data Office, discusses the new organisation’s remit
CMA calls vendors to make it easier for users to switch between the two platforms