November 4, 2019

The Review reports that the NCSC defended the UK against more than 600 cyber attacks in the past year, bringing the total number to almost 1,800.

Over the period of the review the NCSC dealt with 658 incidents. A significant number of incidents continue to come from hostile nation states.

Key disclosures from the Review include:

• Operation Haulster, which automatically flagged fraudulent intention against more than one million stolen credit cards, as a result protecting hundreds of thousands of people from financial loss;
• a machine to improve the efficiency of information sharing around threats to the UK, speeding up the process from a matter of hours to just seconds; and
• a breakdown for the first time of the sectors which are given the most support from the NCSC’s Incident Management team, with the Government heading the list, followed by academia, IT, managed service providers and, in joint fifth, health and transport.

Elsewhere in the review, the key role the NCSC plays in protecting the democratic process is highlighted. The organisation meets with UK political parties every three months and regularly gives cyber security advice to Parliamentarians, and during this year’s local and European elections provided parties with guidance on risks and advice on protecting people and systems.

The success of the Active Cyber Defence (ACD) Programme is also highlighted. ACD is the NCSC’s “world-leading, bold, interventionist approach that stops millions of cyber attacks from ever happening”.

ACD features a number of pioneering programmes, such as the Takedown Service, which finds malicious sites and sends notifications to the host to get them removed. According to the Review, 98% of phishing URLs discovered to be malicious were taken down, a total of 177,335 phishing URLs. Of those, 62.4% were removed in the first hour.

There are also examples in the review of how the NCSC is helping defend individuals and families from the cyber threat, including via Operation Haulster. As a result of this operation, fraudulent intention against more than a million credit cards was automatically flagged to banks, in the majority of cases before a crime had taken place.

The review underlines the NCSC’s commitment to sharing as much threat information as possible in real time, in the form of the new Indicator of Compromise (IoC) machine. The NCSC explains that previously it has taken several hours for officials to be able to share information relating to threats to the UK, but the IoC machine can identify what can be shared in a matter of seconds, although the final decision still lies with a person. To read the NCSC press release in full and for a link to the Annual Review, click here.