More than 1,000 cyber security incidents were reported to GCHQ’s National Cyber Security Centre (NCSC) in its first year of operation, with more than half representing a significant threat, the centre said in a review published on Tuesday.
The NCSC was formed to better protect the UK’s infrastructure against internet-borne threats, which it said have escalated noticeably over the past year, with attacks taking NHS trusts offline and causing disruption to companies.
But none of the threats over the past year were classed as category one, involving disruption of government or targeting critical infrastructure such as energy, the NCSC said.
In all 1,131 attacks were reported, with 509 considered significant and more than 30 requiring a cross-government response.
NCSC chief executive Ciaran Martin said the 2017 Annual Review indicated progress in working with government, industry and citizens to build a lasting national asset, but acknowledged more remained to be done.
“We are proud of what we have achieved in our first 12 months, but there is so much more to do in the years ahead to counter this threat to our values, prosperity and way of life,” Martin stated.
He said the cyber threat was “large, growing and diverse”.
The significant attacks included incidents involving the NHS and the UK and Scottish Parliaments, as well as large and small businesses, amongst other organisations, Martin said.
He said the NCSC’s work to date includes producing more than 200,000 protective items for military communications, supporting the Cabinet Office in improving security for government organisations and supporting the Home Office in securing the next-generation emergency services network currently being developed.
NCSC initiatives have helped private sector organisations better protect themselves and have seen the average lifetime for phishing sites hosted in the UK drop from 27 hours to less than an hour.
The NCSC’s information-sharing platform with industry, the Cyber Security Information Sharing Partnership (CSISP) grew 43 percent over the year, while 1,000 young people took advantage of the NCSC’s CyberFirst courses.
GCHQ director Jeremy Fleming said the UK’s approach to national security is adapting to the online world as it becomes an ever more important part of people’s lives and the country’s infrastructure.
The centre has been in operation since October of last year, but its new London headquarters were opened by the Queen and the Duke of Edinburgh in February 2017.
The government has been criticised of being slow off the mark to consolidate the way it protects the UK online, with the Public Accounts Committee (PAC) saying in February that in spite of NCSC’s creation cyber protection agencies remained an “alphabet soup”.
The government has formed at least 12 teams and organisations to handle cyber-security, but they have overlapping mandates and activities related to protecting information, the PAC said.
It urged the government to “develop a detailed plan for the NCSC by the end of this financial year, setting out who it will support, what assistance it will provide and how it will communicate with organisations needing its assistance”.
Last month a computer security researcher said it took him two months to report a pair of serious flaws in HMRC’s website to the government and confirm they had been fixed. He criticised HMRC and the National Cyber Security Centre (NCSC) for providing no way for experts to ensure issues are attended to.
Do you know all about security in 2017? Try our quiz!
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…