NCSC Report Highlights #COVID19 Threat Surge

Written by

Over a quarter of cyber-threats handled by the UK’s National Cyber Security Centre (NCSC) over the past year were COVID-19 related, the GCHQ branch has revealed in its annual report.

The security agency said it defended the UK from an average of 60 attacks per month from September 2019 to August 2020, with the number of incidents climbing from an average of around 600 over the past three years to 723.

This reflects a more proactive approach from the NCSC rather than more malicious cyber-activity, it said.

The NHS in particular was handed significant help after giving the center its consent to check security. The NCSC shared information on over 160 high-risk and critical vulnerabilities with trusts, as well as 51,000 indicators of compromise (IOCs).

The NCSC also performed threat hunting on 1.4 million NHS endpoints, scanned over one million IP addresses to detect weaknesses and rolled out its Active Cyber Defense services to 235 frontline health bodies, offering them web, email and DNS protection.

In total, over 15,000 COVID-related malicious campaigns were taken down by the NCSC over the year and 260 Sender IDs blocked for sending malicious SMS messages.

Elsewhere, the center said it was instrumental in ensuring the seven new emergency Nightingale hospitals were built with cybersecurity in mind, and it also engaged with more than 1200 “essential service providers” in public and private sectors to support their work in tackling COVID-19.

Away from the pandemic, the NCSC took down over 166,000 phishing URLs, most (65%) within 24 hours, while 2.3 million suspect emails were forwarded to its new Suspicious Email Reporting Service (SERS).

The NCSC’s annual report also listed myriad ways the organization has helped protect elections, parliament, critical infrastructure and businesses, and shared its expertise globally, such as via an “Exercise in a Box” tool, which allows businesses to test their cyber-defenses against realistic attack scenarios.

“From handling hundreds of incidents to protecting our democratic institutions and keeping people safe while working remotely, our expertise has delivered across multiple frontiers,” said new CEO, Lindy Cameron.

“This has all been achieved with the fantastic support of government, businesses and citizens and I would urge them to continue contributing to our collective cybersecurity.”

What’s hot on Infosecurity Magazine?