JamesMoore-Square-800x800-NEWheadshot-23

Managing Editor, IFSEC Insider

Author Bio ▼

James Moore is the Managing Editor of IFSEC Insider, the leading online publication for security and fire news in the industry. James writes, commissions, edits and produces content for IFSEC Insider, including articles, breaking news stories and exclusive industry reports. He liaises and speaks with leading industry figures, vendors and associations to ensure security and fire professionals remain abreast of all the latest developments in the sector.
December 9, 2021

Download

Whitepaper: Enhancing security, resilience and efficiency across a range of industries

National Cyber Security Centre reveals record number of foiled cyber attacks in 2021 and underlines “significant” ransomware threat

As part of its Annual Review, the National Cyber Security Centre (NCSC) revealed it had provided support for a record number of incidents in 2021, and outlined the damaging effect of ransomware attacks to UK businesses, councils and healthcare providers.

NCSC-Ransomware-Cyberattack-21In total, 777 cyber incidents were mitigated against by the NCSC across 2021, as it provided support to organisations around the UK. This number is up from 723 in 2020.

20% of those organisations supported were linked to the healthcare sector and vaccination programme. The NCSC helped protect the NHS, healthcare providers and vaccine supplier IT systems from malicious domains “billions of times”, as it channelled particular focus towards those involved in the rollout of the vaccine.

Ransomware was highlighted in the review as a significant challenge and one that is on the rise, where criminal gangs are using it to extort organisations. Lindy Cameron, CEO of the NCSC, underlined her belief that it “is now the most immediate cyber security threat to UK businesses”, and called for it to be higher on the C-suite agenda in her foreword.

Ransomware was used for the Colonial Pipeline cyber attack in the US earlier in the year, as well as against the Health Service Executive in Northern Ireland, costing the organisation over £400 million. While not a new phenomenon, its use is said to be growing exponentially, and the effects can be devastating to a business financially, as well as inflicting long-term damage on its reputation.

Lindy Cameron commented: “I’m proud of the way the NCSC has responded to what has been another hugely challenging year for the country as we all continue to navigate our way through the pandemic.

“The support and expertise we have provided for stakeholders from government all the way through to the general public during the pandemic has been vital to keeping the country safe online.

“Undoubtedly there are challenges ahead, but the upcoming National Cyber Strategy combined with the continued engagement from businesses and the public provides a solid foundation for us to continue reducing the impact of online threats.”

Key statistics from the report include:

  • 777 incidents handled by the NCSC
  • 4 million reports of malicious content to the Suspicious Email Reporting Service – with 53,000 scams and 96,500 URLs being removed as a result
  • Engagement with 5,000 organisations providing essential services during the pandemic
  • Guidance and threat assessments to over 80 companies and 14 universities

Read the full NCSC 2021 Annual Review, here.

The review also details the NCSC’s continued drive to increase cyber security skills and diversity in the sector, such as via its CyberFirst programme. Since its inception four years ago, it has introduced over 50,000 11- to 17-year olds to the world of tech and cyber security.

The UK Cyber Security Council – the charitable, self-regulatory body for cyber security education and skills – recently responded to the NCSC’s report on diversity and inclusivity in the cyber sector, underlining the importance of devising, driving and supporting D&I programmes.

Simon Hepburn, CEO of the UK Cyber Security Council, said: “First, we warmly welcome and applaud this second annual report by NCSC and KPMG. Solidly researched again, it makes concrete recommendations that will move the sector towards ensuring there are no barriers to entry to it.

“The sector must succeed at this. It’s vital not just to help the sector fill the tens of thousands of vacancies that exist, but for the sector and the UK to benefit from the wider range of abilities, improved creativity, different thinking and alternative contributions of a truly diverse, inclusive cyber security workforce. The Council and the NCSC are in lockstep over the D&I objectives for the sector and, to that end, we also welcome and agree with the conclusions of the report.”

Related Topics

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments