The UK’s National Cyber Security Centre (NCSC) has cemented its role at the heart of the country’s cyber-response effort, with new figures detailing the millions of threats it has helped to neutralize.
The agency’s NCSC Annual Review 2022 report published today details its progress in helping to turn the UK into one of the world’s safest places to live and work online.
Among efforts to improve cyber-resilience for UK organizations is the popular Early Warning service, which has provided subscribed users with 34 million alerts about attacks, compromises, vulnerabilities or open ports over the past year.
The service also witnessed a 90% year-on-year (YoY) increase in sign-ups, the report claimed.
The NCSC helped to remove 2.1 million “commodity” cyber-campaigns during the reporting period (September 2021–August 2022). These are typically “high-volume, low-sophistication” attacks targeting both businesses and consumers, involving phishing and other techniques.
The public has also been playing its part in making the digital world safer, with a 20% YoY increase in reports to the NCSC’s Suspicious Email Reporting Service (SERS).
That resulted in 6.5 million reports in the year, and the removal of 62,000 scam URLs.
At a more serious level, the NCSC said it was involved in 18 ransomware incidents that required a nationally coordinated response, including attacks on a supplier to NHS 111, and utility South Staffordshire Water.
Overall, the agency managed the response to “hundreds” of incidents, 63 of which were “nationally significant,” as the cybersecurity threat to the UK “evolved significantly” over the year, it said.
NCSC CEO, Lindy Cameron, called out the work her team has also been putting in to help Ukrainian network defenders repel waves of recent attacks from Russian invaders.
However, she added that ransomware “remains the most acute threat” that UK organizations face today.
“We are making significant progress in bolstering the UK’s resilience, stopping hundreds of thousands of attacks upstream while bolstering preparedness and helping UK institutions and organizations better understand the nature of cyber threats, risks and vulnerabilities downstream,” she said.
“Despite this, there remain serious gaps in the nation’s defenses, and the collective resilience-building effort must continue apace.”