The National Cyber Security Centre has today released its annual report detailing its Active Cyber Defence (ACD) programmes, highlighting progress to date and emerging and persistent challenges.
Key takeaways and statistics include:
- NCSC discloses that it stopped 140,000 separate phishing attacks over the last year;
- 190,000 fraudulent sites have been taken down;
- Protective Domain Name System blocked 57.4 million web address queries, preventing 1.4 million public employees from visiting malicious sites; and
- Less hackers are posing as HMRC, seeing the department go from 16th most popular disguise to 146th worldwide.
The Active Cyber Defence programme exists, according to NCSC Technical Director, Ian Levy to ‘protect the majority of people in the UK from the majority of the harm caused by the majority of the cyber-attacks the majority of the time.’ Broadly, the purpose of the programme is to make it more expensive to effectively carry out cyber-attacks in the UK, reducing potential financial gains for cyber criminals. As such these initiatives are often simple actions or technologies which can work at scale, mitigating against threat actors targeting ‘low-hanging fruit’.
The report details that over the last 12 months ACD services have continued to evolve with some new services created based on evidence-based research and testing, examining data collected and helping to flag key threats and trends throughout the sector. Key successes have seen attacks targeting airports, schools and hospitals thwarted, including one targeting thousands of airline passengers from a fake gov.uk email address.
The report also makes clear that these initiatives are not a solo eﬀort. To more effectively reduce harm from cyber-attacks in the UK, NCSC will continue to work more closely alongside other government departments, industry, charities and individuals. This engagement will be key in ensuring programmes like ACD become increasingly effective.
To access the full report, please click here.