National Cyber Security Centre programme prevents millions of cyber attacks in first year
Millions of cyber attacks in the UK have been prevented by a defensive programme from the National Cyber Security Centre, launched as part of the UK Government’s National Cyber Security Strategy in November 2016.
A report on the first year of the NCSC’s Active Cyber Defence programme found that since it has been in place, the UK’s share of global phishing attacks dropped from 5.3 per cent in June 2016 to 3.1 per cent in November 2017.
The average takedown time for a phishing website pretending to be a UK government-related site has dropped from 42 hours to 10 hours, with 65 per cent removed within 24 hours.
There has also been a “dramatic drop” in the number of scam emails using an @gov.uk domain name purporting to be from a government body, with an average of 4.5 million malicious emails a month blocked from reaching users.
The free-at-the-point-of-use programme for public bodies has four parts aimed at protecting organisations and the public from relatively unsophisticated ‘commodity’ cyber attacks such as scams and phishing, which account for around 80 per cent of cyber crime.
DMARC helps email domain owners to control how their email is processed, making it harder for criminals to spoof messages to seem like they come from a trusted address.
A takedown service requests that hosting providers remove malicious content that is pretending to be related to UK Government, as well as other kinds of malicious content hosted in the UK.
The Public Sector DNS service blocks access to known bad domains, with block lists derived from a combination of commercial, open source and NCSC threat feeds. It also notifies system owners so they can perform remediation.
And Web Check performs tests on public sector websites to find security issues, providing reports to the service owners, along with advice on how to fix the problems.
Between April and December 2017, Web Check performed 1,033,250 scans on 7,791 URLs across 6,910 domains, producing 4,108 advisories for customers, covering 6,218 different issues.
The report also lists the 10 most spoofed government brands in the year, with HMRC the most targeted with 16,064 fake websites taken down.
Dr Ian Levy, Technical Director of the NCSC, said the UK was taking “a unique approach that is bold and interventionalist” aimed at making the country an unattractive target to criminals or nation states.
He said: “The ACD programme intends to increase our cyber adversaries’ risk and reduces their return on investment to protect the majority of people in the UK from cyber attacks.”
Levy continued: “This report shows that simple things, done at scale, can have a positive and measurable effect and the British UK public should be safer as a result of these measures.
“As these measures are scaled up, people should be asked less often to do impossible things, like judge whether an email or website is good or bad, less often.
“The NCSC has committed to being transparent and publishing data.
“We think the results here show that the first year of our Active Cyber Defence programme have been successful – and the following years will be really interesting.”