NCSC ACD report reveals extent of cyber crime in 2020
Five years ago, the UK’s National Cyber Security Centre (NCSC) established the Active Cyber Defence (ACD) programme which aims to “protect the majority of people in the UK from the majority of the harm caused by the majority of cyber attacks the majority of the time”. In short, it seeks to reduce the impact of cyber attacks by providing services that protect against a range of threats. As part of the programme, the NCSC releases an annual report which reflects on the previous year’s aims and highlights the achievements made.
2020 was an incredibly challenging year for businesses and individuals alike, and unfortunately, we witnessed threat actors capitalise on the monumental changes we experienced in our home and work lives.
This year’s report – which was released ahead of the CYBERUK conference – reflects a huge surge in malicious activity, particularly NHS-themed phishing attacks that many of us will no doubt have been targeted with over the last year.
As well as this, the NCSC also saw a rise in Government-themed phishing campaigns, with 4,000 campaigns identified and shut down in 2020. In total, 700,595 campaigns (1,448,214 URLs) were taken down in 2020 – a fifteen-fold increase in campaign takedowns compared to 2015.
Ollie Whitehouse, global CTO at NCC Group commented: “Last year, we witnessed a swift and conscious shift towards Covid-19 scams and attacks by low level criminality, demonstrating that cyber criminals are willing to do almost anything to extort businesses and individuals in order to facilitate unauthorised access – even during a global pandemic.
“The NCSC’s ACD programme has been instrumental in disrupting these criminals and stemming their efficacy and thus protect the UK’s industries and citizens. This has meant that more malicious activity than ever has been detected and mitigated, which is testament to the strategy and the partners that support it with insight and capability
“It’s also positive to see the widespread take up of Logging Made Easy by local authorities, the importance placed on tackling telecommunication network security including reducing signaling risks in UK networks, and the plans to expand ACD availability to the charity sector, and beyond.
“Moving forward, we must continue to be as agile and flexible as possible in responding to the evolving threat landscape. We must ensure we able to take full advantage of multi-disciplinary innovations and capability we have at our collective disposal.
“Beyond the immediate benefits for public and private sector organisations that are now using the NCSC's ACD services, we are starting to see the tremendous potential of the data that the ACD solutions provide. Data is the future of a more robustly evidence-based approach to cyber resilience, and the NCSC's approach to understanding digital economy level threats, and insights to target interventions are only the beginning of what will be possible as we continue to collaborate, and enhance our capabilities."