UK's cyber agency reveals extent of COVID-related attacks

More than a quarter of UK cyber security incidents from the past year were COVID-related, despite the first lockdown starting about half way through the period, with ransomware the main attack vector.

These are the findings of the National Cyber Security Centre's Fourth Annual Review, published today, which reveals that the agency defended the UK from 723 cyber incidents in the year to August 2020 -- an average of 60 attacks a month.

Around 200 of these were related to coronavirus, NCSC said. In the previous three years since launching, they supported an average of 602 incidents annually (590 in 2017, 557 in 2018 and 658 in 2019). The increase in numbers, it says, reflects ongoing the agency's efforts to proactively identify and mitigate threats; as well as tips the organisation receives from its extensive network of partners and reports from victims themselves.

Lindy Cameron, the recently appointed chief executive of the NCSC, said: “This review outlines the breadth of remarkable work delivered by the NCSC in the past year, largely against a backdrop of the shared global crisis of coronavirus.

“From handling hundreds of incidents to protecting our democratic institutions and keeping people safe while working remotely, our expertise has delivered across multiple frontiers.

“This has all been achieved with the fantastic support of government, businesses and citizens and I would urge them to continue contributing to our collective cyber security.”

The growing and changing threat from ransomware is notable. Traditionally, victims of this attack vector are denied access to their own data until a ransom is paid, however attackers are increasingly threatening to leak sensitive information publicly until payment is received. The NCSC has recently updated its guidance to reflect this changing nature.

Jeremy Fleming, director of GCHQ, said: “The world changed in 2020 and so did the balance of threats we are seeing.

“As this review shows, the expertise of the NCSC, as part of GCHQ, has been invaluable in keeping the country safe: enabling us to defend our democracy, counter high levels of malicious state and criminal activity, and protect against those who have tried to exploit the pandemic.

“The years ahead are likely to be just as challenging, but I am confident that in the NCSC we have developed the capabilities, relationships and approaches to keep the UK at the forefront of global cyber security.”

5G: Securing the UK’s telecoms networks

Alongside publishing detailed technical guidance and risk assessments for operators, the organisation also issued a summary of advice given to ministers to inform their verdict on high risk vendors.

This included the organisation’s role in the UK Government’s decision to remove Huawei from the UK’s 5G network by the end of 2027, which came after a thorough NCSC review on the impact of US sanctions imposed on the company in May.

Commenting on the review, Jake Moore, a cyber security specialist at ESET, said: "The rapid rise in COVID-19 related scams has taken the world by storm and will not be disappearing any time soon. The vast selection of different and creative incidents highlights the speed the threat actors work at to make the most out of the current situation. These attacks are likely to remain in place for the full term of the pandemic therefore, the best defence to combat these reinvented threats is via education and working closely with law enforcement. With an increase in phishing emails, it is advised to report suspicious emails to the authorities such as NSCS and Action Fraud which contributes to an industry fighting a war on relentless cyber crime.”

Report highlights: Fourth Annual Review of Cyber Attacks (Source: National Cyber Security Centre)

In a year heavily influenced by the pandemic, the review highlights the NCSC’s support for the healthcare sector, such as scanning more than 1 million NHS IP addresses for vulnerabilities leading to the detection of 51,000 indicators of compromise, and working with international allies to raise awareness of the threat of vaccine research targeting.

With cyber criminals looking to exploit public fear over the pandemic with coronavirus-related online scams, the NCSC and the City of London Police also launched the Suspicious Email Reporting Service, which received 2.3 million reports from the public in its first four months -- resulting in thousands of malicious websites being taken down.

The NCSC also provided the technical assurances during the creation of the Virtual Parliament, as well as producing a wide range of advice for businesses and individuals switching to home working as a result of the pandemic.

A new remote working scenario was added to the NCSC’s Exercise in a Box programme. The initiative, which allows people to test their cyber defences against realistic scenarios was used by people in 125 countries this year.

    Share Story:

Recent Stories

Financial institutions were early adopters of cyber security and insurance. Are they still on top of the game?
Managing huge amounts of sensitive data online makes financial institutions a prime target for hackers. As such, the sector was an early cohort for insurers in creating cyber cover. Since then, the market has evolved almost beyond recognition. It continues to challenge itself to this day, complying with rigorous regulatory demands and implementing avant-garde enhancements to keep abreast of the ever-changing risks. Published June 2021

Manufacturing: An industry at risk amid great technological change
Of the many sectors of business, manufacturing companies are among the most at risk from cyber threats. How has the sector evolved to make it so vulnerable and what does the task of managing cyber exposure in a manufacturing company look like? CIR’s latest podcast with Tokio Marine HCC sought to answer all these questions and more. Published April 2021