Suspicious Email Reports Up a Third as NCSC Hails Active Defense

Written by

A leading UK cybersecurity agency has hailed continued progress with its flagship initiative, designed to make the country the safest place in which to live and work online.

The National Cyber Security Centre (NCSC)’s sixth annual report into the Active Cyber Defence (ACD) program revealed a 33% increase in potentially malicious emails reported to its Suspicious Email Reporting Service (SERS), to reach a record-breaking 7.1 million reports.

Read more on ACD: Active Cyber Defence Should Be Rolled Out UK-Wide: Report

The NCSC claimed this has enabled it to remove nearly a quarter of a million malicious website links from the internet since April 2020.

The report also revealed a 39% overall increase in take-up of the ACD’s free services by UK organizations. These are designed to help protect even organizations without dedicated cybersecurity expertise.

This includes a 60% increase in its Mail Check service designed to improve compliance with DMARC and other email anti-spoofing/privacy controls. The NCSC’s Web Check service also increased its user base by 26% year-on-year in 2022.

The number of unique URLs and domains being scanned by the service for known bugs and misconfigurations increased by 33% annually.

The Protective Domain Name Service (PDNS) saw a 24% increase in users. It blocked 11 billion DNS queries for 420,000 domains, and over five million requests for domains associated with ransomware, the report claimed.

The NCSC also trumpeted a 38% annual increase in customer organizations signing up to use its Early Warning service, which informs them of potential attacks on their network. Over 500 of them were warned of potential active malware in their systems, 2270 were warned about vulnerabilities and 1193 about a host on their network scanning the internet, which might be malicious.

There was also a 40% annual increase in users of the NCSC’s Exercise in a Box (EiaB) tool, which is designed to help organizations “practise and refine” their response to cybersecurity threats.

“As this latest report shows, cybersecurity is not the sole preserve of tech specialists: businesses are increasingly alive to and eager to engage with the cyber risks they face, signing up in swathes to make the most of NCSC data and expertise,” argued NCSC director for national resilience and future technology, Jonathon Ellison.

“Small businesses have a key role to play in making it safer to work and live online, which is why we’re making it even easier for them to shore up their defences with accessible, free tools and soon, to manage these effortlessly via our integrated MyNCSC platform.”

What’s hot on Infosecurity Magazine?