Top Ten: Things Learned from the NCSC Annual Report

In the four years since it opened, the UK’s National Cyber Security Centre (NCSC) has worked to meet the government’s mission of making the UK the safest place to live and work online.

This week, the NCSC published the review of its fourth year of operation, a year in which its CEO changed from Ciaran Martin to Lindy Cameron, it had to deal with the multiple impacts of COVID-19 and the attribution of attacks on vaccine developers to Russia.

Citing the period between 1 September 2019 and 31 August 2020, the NCSC said it “defended the UK from 723 cyber-incidents”, which included an average of 60 attacks per month. This was the headline static released by the NCSC; so what else was in this year’s annual report?

  1. The number of incidents being handled has increased year-on-year, from 590 in 2017, 557 in 2018 and 658 in 2019, to 723 in 2020
  2. Around 200 of the 723 incidents related to COVID-19
  3. More than one million NHS IP addresses were scanned for weaknesses, with 51,000 indicators of compromise shared
  4. Active Cyber Defense services, which include Web Check, Mail Check and protective DNS, were deployed to 235 frontline health bodies across the UK, including NHS Trusts
  5. The Suspicious Email Reporting Service led to more than 2.3 million reports of malicious emails being flagged by the British public
  6. 22,000 taken down malicious URLs related to COVID-19 scams, such as pretending to sell PPE equipment
  7. 17,000 Cyber Essentials certificates were issued, a rise of 20% year-on-year
  8. There was a 60% rise in the number of girls applying for the CyberFirst summer courses, as 1770 children and teenagers participated
  9. 166,710 phishing URLs were taken down, 65.3% of which were removed within 24 hours
  10. More than 2950 new members were added to the Cyber Security Information Sharing Partnership (CiSP)

What’s Hot on Infosecurity Magazine?