UK's cyber agency reveals extent of COVID-related attacks

More than a quarter of UK cyber security incidents from the past year were COVID-related, despite the first lockdown starting about half way through the period, with ransomware the main attack vector.

These are the findings of the National Cyber Security Centre's Fourth Annual Review, published today, which reveals that the agency defended the UK from 723 cyber incidents in the year to August 2020 -- an average of 60 attacks a month.

Around 200 of these were related to coronavirus, NCSC said. In the previous three years since launching, they supported an average of 602 incidents annually (590 in 2017, 557 in 2018 and 658 in 2019). The increase in numbers, it says, reflects ongoing the agency's efforts to proactively identify and mitigate threats; as well as tips the organisation receives from its extensive network of partners and reports from victims themselves.

Lindy Cameron, the recently appointed chief executive of the NCSC, said: “This review outlines the breadth of remarkable work delivered by the NCSC in the past year, largely against a backdrop of the shared global crisis of coronavirus.

“From handling hundreds of incidents to protecting our democratic institutions and keeping people safe while working remotely, our expertise has delivered across multiple frontiers.

“This has all been achieved with the fantastic support of government, businesses and citizens and I would urge them to continue contributing to our collective cyber security.”

The growing and changing threat from ransomware is notable. Traditionally, victims of this attack vector are denied access to their own data until a ransom is paid, however attackers are increasingly threatening to leak sensitive information publicly until payment is received. The NCSC has recently updated its guidance to reflect this changing nature.

Jeremy Fleming, director of GCHQ, said: “The world changed in 2020 and so did the balance of threats we are seeing.

“As this review shows, the expertise of the NCSC, as part of GCHQ, has been invaluable in keeping the country safe: enabling us to defend our democracy, counter high levels of malicious state and criminal activity, and protect against those who have tried to exploit the pandemic.

“The years ahead are likely to be just as challenging, but I am confident that in the NCSC we have developed the capabilities, relationships and approaches to keep the UK at the forefront of global cyber security.”

5G: Securing the UK’s telecoms networks

Alongside publishing detailed technical guidance and risk assessments for operators, the organisation also issued a summary of advice given to ministers to inform their verdict on high risk vendors.

This included the organisation’s role in the UK Government’s decision to remove Huawei from the UK’s 5G network by the end of 2027, which came after a thorough NCSC review on the impact of US sanctions imposed on the company in May.

Commenting on the review, Jake Moore, a cyber security specialist at ESET, said: "The rapid rise in COVID-19 related scams has taken the world by storm and will not be disappearing any time soon. The vast selection of different and creative incidents highlights the speed the threat actors work at to make the most out of the current situation. These attacks are likely to remain in place for the full term of the pandemic therefore, the best defence to combat these reinvented threats is via education and working closely with law enforcement. With an increase in phishing emails, it is advised to report suspicious emails to the authorities such as NSCS and Action Fraud which contributes to an industry fighting a war on relentless cyber crime.”

Report highlights: Fourth Annual Review of Cyber Attacks (Source: National Cyber Security Centre)

In a year heavily influenced by the pandemic, the review highlights the NCSC’s support for the healthcare sector, such as scanning more than 1 million NHS IP addresses for vulnerabilities leading to the detection of 51,000 indicators of compromise, and working with international allies to raise awareness of the threat of vaccine research targeting.

With cyber criminals looking to exploit public fear over the pandemic with coronavirus-related online scams, the NCSC and the City of London Police also launched the Suspicious Email Reporting Service, which received 2.3 million reports from the public in its first four months -- resulting in thousands of malicious websites being taken down.

The NCSC also provided the technical assurances during the creation of the Virtual Parliament, as well as producing a wide range of advice for businesses and individuals switching to home working as a result of the pandemic.

A new remote working scenario was added to the NCSC’s Exercise in a Box programme. The initiative, which allows people to test their cyber defences against realistic scenarios was used by people in 125 countries this year.

    Share Story:

Recent Stories

Are property insurers ready for timber
The Structural Timber Association is gearing up to help all stakeholders in the construction supply chain to fully appreciate the advantages of building in timber, how to deliver such projects and most importantly to understand and manage the risks.

The changing face of BC and WAR
The working environment has changed quite dramatically for many over the last six months. With social distancing and the rise of homeworking, it is not just how businesses operate that has changed, but also how they recover. In this podcast we discuss some of the challenges created by the quick shift to home working, why the office may not have seen its last days and how the current environment can impact the ability of a business to recover.