The annual review of the UK’s National Cyber Security Centre (NCSC) has just been published.

The review is the 7th publication, and covers the highlights and milestones between 1 September 2022 and 31 August 2023. It also looks ahead to future challenges the UK is likely to face.

The review is broken down into 4 key areas:

  • Threats and Risks
  • Resilience
  • The UK's Cyber Ecosystem
  • Technology

Threats and Risks

The report highlights the increased activity from multiple nation state actors as well as criminal gangs targeting Critical National Infrastructure (CNI), the threat of ransomware, the proliferation of commercial cyber tools used by criminals, the rise of cyber-enabled fraud, and the potential of those seeking to harm the UK via the use of artificial intelligence systems.

As the national body for protecting the UK, the NCSC issued 24.48 million notifications through its early warning system to subscribing organisations of potential malicious activity within their networks. Of these, 258 were deemed to be significant enough for the NCSC’s own incident handling teams to step in and help those organisations deal with the issues.

The NCSC was made aware of 327 incidents of data exfiltration, and was required to handle 13 nationally significant incidents involving the exploitation of a vulnerability in Citrix NetScaler applications (CVE-2023-3519).

Resilience

The report details the work done by the NCSC to help other organisations build resilience to cyber threats.

This includes the creation of trust groups, which help build stronger ties between organisations and help them secure their supply chains, and the Share and Defend program, which enables the sharing of knowledge of malicious domains between government bodies, ISPs, and public sector organisations, allowing for near-real-time protection from attacks relating to these malicious domains.

The 21% increase in Cyber Essentials certifications shows that UK companies are starting to take cyber security more seriously. Currently, 28,399 organisations hold the certification, with a further 9,037 holding the Cyber Essentials Plus certification.

The launch of the new Cyber Advisors scheme has given small organisations the ability to approach NCSC-assured cyber security experts for cost-effective advice and practical support. Although it is in its first year of operation, the scheme has assured 56 cyber advisors so far.

The biggest success is that of Active Cyber Defence (ACD), which is now in its 6th year of operation. ACD was designed to strengthen core Government departments against the rise of cyber attacks, but the program has now been rolled out to a broader set of users including small businesses, charities, and the education sector.

Mail Check, a system to protect email systems from abuse, has now been rolled out to cover 14,400 domains.

Email Security Check protects 34,000 domains against email spoofing and aids email privacy.

The Takedown service works with hosting providers to remove malicious websites and infrastructure. The UK used to be the source of 5% of global phishing campaigns – this is now 1.1%.

The Suspicious Email Reporting Service (SERS) handled 10 million reports of suspicious messages from members of the public. In total, this service has handled 23.9 million reports since its launch in 2020. These reports directly contributed to 86,000 scam URLs being taken off the Internet (261,000 since 2020).

Early Warning has notified 323,000 unique IP addresses as having some form of vulnerability.

Web Check is protecting almost 3,000 organisations' websites and has seen a 15% drop in urgent issues from those sites.

Exercise in a Box, a toolkit which allows organisations to test their cyber security posture via a series of tabletop exercises, has seen its user base increase by 28%, with 21,524 organisations now using the service.

Protective DNS (PDNS) has now been rolled out to 1,363 organisations, helping them prevent accidental access to malicious or harmful domains.

Ecosystem

The NCSC CyberFirst program has continued to inspire a new generation of cyber experts. The CyberFirst Girls competition has grown massively, with almost 9,000 participants in this year's events. Since its conception, over 56,000 girls have taken part in the various competition rounds.

105 schools and colleges in the UK have now achieved the CyberFirst recognition for helping develop cyber ecosystems through improved teaching and hosted events.

125 new CyberFirst bursary places were offered this year, and an additional 14 postgraduate and 5 undergraduate degree courses achieved the NCSC certification.

In wider industry, a further 41 companies signed up to the i100 scheme which brings together public and private sector talent to challenge thinking, test innovative ideas and enable greater understanding of cyber security.

Technology

The NCSC has released a number of papers and blogs about Artificial Intelligence (AI) and Large Language Models (LLMs), and has provided insight to the DSIT publications about quantum computing (The National Quantum Strategy) and semiconductors (The National Semiconductor Strategy).

The NCSC itself released the latest iteration of the NCSC Research Problem Book, with the aim of guiding cyber security research towards the most critical security challenges that it has identified as significant barriers to improving cyber security.

A new facility dedicated to the security of the UK’s telecommunications industry has been established in Solihull. Managed by the National Physical Laboratory (NPL), the UK Telecoms Lab (UKTL) will help test, research and improve the security of telecoms equipment.

The Vulnerability Reporting Service (VRS), which allows people to report discovered vulnerabilities, has been hugely successful – so much so that a new Government Cyber Coordination Centre (GC3) is to be established as a joint venture between NCSC and Cabinet Office to help the VRS deliver more effective coordination and improve the resilience of the UK Government.