Record number of cyber incidents mitigated as NCSC protects vaccine rollout

17 Nov 2021 11:56 AM

The NCSC's 2021 Annual Review highlights the work undertaken to protect the UK over the past 12 months.

• Annual Review from the National Cyber Security Centre, a part of GCHQ, reveals extent of work to protect the UK over the last year
• Wrap-around support offered for 777 cyber incidents, including attacks on coronavirus vaccine research, distribution, and supply chains
• Review also outlines damaging effect of growing ransomware attacks, including against UK councils and Ireland’s healthcare system

The National Cyber Security Centre (NCSC) provided unprecedented support over the past year to organisations, including those on the front line of the pandemic response and vaccine rollout, the organisation’s annual review revealed today (Wednesday).

The NCSC, which is a part of GCHQ, expanded its online defence of the UK by managing an unprecedented 777 incidents over the last twelve months – up from 723 the previous year – with around 20% of organisations supported linked to the health sector and vaccines.

The growth in the number of incidents handled by the NCSC this year is partially reflected in the organisation’s ongoing work to proactively identify threats through the work of its Threat Operations and Assessment teams.

The health sector and in particular the vaccine rollout was a major focus for the NCSC, with the organisation’s world-leading services protecting NHS, healthcare, and vaccine supplier IT systems from malicious domains billions of times.

Over the past 12 months the NCSC also responded to a rise in ransomware attacks, and a range of services have been provided to businesses over the past year to help protect them from ransomware. These include the Early Warning Service alerting organisations to emerging threats through to cyber security advice for those working in education.

These efforts have come against a backdrop of responding to significant global incidents, including the attack on the SolarWinds IT management platform by Russia’s Foreign Intelligence Service – one of the most serious cyber intrusions of recent times – and a major ransomware attack on the American software firm Kaseya.

Lindy Cameron, CEO of the NCSC, yesterday said:

“I’m proud of the way the NCSC has responded to what has been another hugely challenging year for the country as we all continue to navigate our way through the pandemic.

“The support and expertise we have provided for stakeholders from government all the way through to the general public during the pandemic has been vital to keeping the country safe online.

“Undoubtedly there are challenges ahead, but the upcoming National Cyber Strategy combined with the continued engagement from businesses and the public provides a solid foundation for us to continue reducing the impact of online threats.”

In 2020 the NCSC surged its efforts towards protecting healthcare in the wake of the pandemic outbreak, and since then it has channelled further resources towards those involved in the rollout of the vaccine by providing the necessary intelligence and tools to respond to the threats they faced.

This included the extension of the organisation’s Protective Domain Name System (PDNS) service to over 1000 additional organisations within the Health and Social Care sector to support of vaccine development and supply chain organisations.

This extension represented protection of an additional 3 million employees in the sector, from essential workers providing and supporting front line care to those working to develop and deliver vaccines to citizens across the country.

Jeremy Fleming, Director of GCHQ, yesterday said:

“This year we have seen countless examples of cyber security threats: from state sponsored activity to criminal ransomware attacks. It all serves to remind us that what happens online doesn’t stay online – there are real consequences of virtual activity.

“In the face of rising cyber attacks and an evolving threat, this year’s NCSC’s Annual Review shows that world class cyber security, enabled by the expertise of the NCSC as part of GCHQ, continues to be vital to the UK’s safety and prosperity.”

Steve Barclay, The Chancellor of the Duchy of Lancaster yesterday said:

“The National Cyber Security Centre’s Annual Review illustrates the incredible effort of our security service in keeping the public safe over the last year, foiling more cyber attacks than ever before. It also makes clear that cyber crime is taking place on an unprecedented scale with criminals seeking to take advantage of people as they move more of their lives online as a result of the pandemic.

"The Government and its agencies will continue to throw every resource at its disposal to stamp out cyber crime and take down cybercriminals but there are things that we can all do to keep us and those in our communities safe. We want to make sure that everyone knows how to avoid threats online, spot scams and where to report wrongdoing.”

The organisation has also played a major role in protecting the public from scams as they continue to rely on technology through the pandemic. This year, the NCSC’s pioneering Suspicious Email Reporting Service (SERS) received nearly 6m reports, leading to the removal of more than 53,000 scams. Since launching in April 2020, the SERS has received more than 8 million reports, with more than 67,000 scams taken down as a result.

Some of the key statistics from the Annual Review included:

• Handling an unprecedented 777 incidents in the last year – a rise from 723 last year and an average of 643 since launching in 2016.
• 5.9 million reports of malicious content to the Suspicious Email Reporting Service over the last 12 months – leading to the removal of more than 53,000 scams and 96,500 URLs
• Engagement with around 5,000 organisations providing an essential service during the pandemic, from well-known brands through to small businesses
• Issued guidance and threat assessments to over 80 companies and 14 universities
• The Active Cyber Defence programme has taken down 2.3 million cyber-enabled commodity campaigns, 442 phishing campaigns using NHS branding, and 80 illegitimate NHS apps hosted and available to download outside of official app stores.

Support for academic institutions conducting vaccine research was one of the key interventions for the NCSC during the pandemic response. As a result of implementing the NCSC’s services, the University of Oxford protected itself from an attempted ransomware attempt with the potential to cause significant disruption.

The organisation also offered support to the devolved administrations, for example providing technical advice to the home nations on their vaccination booking systems.

Elsewhere, the review details the NCSC’s continued drive to increase cyber security skills and diversity in the industry, including through the pioneering CyberFirst programme. The programme, now in its fourth year, has introduced over 56,000 11- to 17-year-olds to the world of tech and cyber security.

That includes more than 6,500 pupils from 600 schools who entered the NCSC’s pioneering CyberFirst Girls Competition this year. The competition, which was set up in 2017 to help address gender diversity in the sector, has seen more than 43,000 pupils from across the UK take part since its inception.

Read the Annual Review