The GCHQ based NCSC (National Cyber Security Centre) has experienced a deluge of over 1,000 reports of cyber incidents, amounting to more than two significant attacks every single day of the organisations first year.
A colossal 509 significant attacks were included in the 1,131 total, and of these in excess of 30 required a response from the government.
This rapid escalation of cyberattack rates has coincided with the arrival of the NCSC, which has faced a year that included WannaCry and NotPetya.
Category two WannaCry completely crippled the NHS, reducing it to a situation of pen and paper organisation that placed human life under threat. This devastating instance has prompted professionals to consider the possibility of an even worse attack.
Csaba Krasznay, Security Evangelist at Balabit said: In the first instance, companies must ensure that they have firstly, a comprehensive and up to date list of privileged accounts. Secondly, a limited scope for each privileged account where every user has exactly the minimum rights to carry out their tasks. Next, ensure that all accounts that are no longer needed are deleted.
“Finally, companies with a mature security posture must implement a formal password policy for privileged accounts, this should include changing default passwords as a matter of course, and prohibiting sharing passwords across accounts,” said Krasznay.
Recently the Director of the NCSC, Dr Ian Levy, said that he predicted a massive category one attack would hit within the next five years, sparking a major, global reaction to the threats we face.
Steven Malone, Cyber Resilience Expert at Mimecast, said: “The fact Britain is hit by nearly two significant cyber-attacks every day is shocking, and once again highlights why governments and organisations of all sizes need to focus on analysing their critical infrastructure and business systems for weaknesses.”
Major attacks such as WannaCry have rapidly accelerated the rate at which awareness is increasing in regard to cybersecurity more generally, an essential development that may come too late.
Mark James – Security Specialist at ESET said: “With so many attacks happening in the digital world we live in, its understandable that we are concerned. It’s one of those things that’s almost impossible to counter as an individual- yes we can patch, we can install security software and we can have in place policies and procedures to help combat opportunistic malware, but when it comes to targeted attacks fired from the minds of extremely intelligent people, the chances of stopping it solo are drastically reduced.”