View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
October 3, 2017

NCSC bombarded by cyberattack reports in first year of operation

The NCSC faced reports of 1,131 cyber incidents in its first year, 509 of which were categorised as significant.

By Tom Ball

The GCHQ based NCSC (National Cyber Security Centre) has experienced a deluge of over 1,000 reports of cyber incidents, amounting to more than two significant attacks every single day of the organisations first year.

A colossal 509 significant attacks were included in the 1,131 total, and of these in excess of 30 required a response from the government.

This rapid escalation of cyberattack rates has coincided with the arrival of the NCSC, which has faced a year that included WannaCry and NotPetya.

Category two WannaCry completely crippled the NHS, reducing it to a situation of pen and paper organisation that placed human life under threat. This devastating instance has prompted professionals to consider the possibility of an even worse attack.

NCSC bombarded by cyberattack reports in first year of operationCsaba Krasznay, Security Evangelist at Balabit said: In the first instance, companies must ensure that they have firstly, a comprehensive and up to date list of privileged accounts. Secondly, a limited scope for each privileged account where every user has exactly the minimum rights to carry out their tasks. Next, ensure that all accounts that are no longer needed are deleted.

“Finally, companies with a mature security posture must implement a formal password policy for privileged accounts, this should include changing default passwords as a matter of course, and prohibiting sharing passwords across accounts,” said Krasznay.

Recently the Director of the NCSC, Dr Ian Levy, said that he predicted a massive category one attack would hit within the next five years, sparking a major, global reaction to the threats we face.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Steven Malone, Cyber Resilience Expert at Mimecast, said: “The fact Britain is hit by nearly two significant cyber-attacks every day is shocking, and once again highlights why governments and organisations of all sizes need to focus on analysing their critical infrastructure and business systems for weaknesses.”

UK firms hopelessly lacking required skills for cybersecurity arms race
Mastercard predicts the future with pre-emptive cybersecurity defence
Crowdstrike CTO: Theft and destruction are ‘just a few keystrokes’ apart

Major attacks such as WannaCry have rapidly accelerated the rate at which awareness is increasing in regard to cybersecurity more generally, an essential development that may come too late.

Mark James – Security Specialist at ESET said: “With so many attacks happening in the digital world we live in, its understandable that we are concerned. It’s one of those things that’s almost impossible to counter as an individual- yes we can patch, we can install security software and we can have in place policies and procedures to help combat opportunistic malware, but when it comes to targeted attacks fired from the minds of extremely intelligent people, the chances of stopping it solo are drastically reduced.”

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.