On October 23, the United Kingdom National Cyber Security Centre (NCSC) issued its Annual Review 2019. The Review stated that during 2019, the NCSC had defended the United Kingdom against 658 cyberattacks.
Other NCSC findings and accomplishments in the Review included the following:
- General Computer Misuse: In the year ending March 2019, adults 16 and over experienced an estimated 966,000 incidents of computer misuse.
- Public Attitudes: The Review included the results of the first UK Cyber Survey of individuals and organizations. The Cyber Survey included the following findings:
- 80 percent said that cyber security is a high priority to them, with 50 percent saying it is a “very high” priority and 30 percent saying it is a “fairly high” priority.
- 68 percent of respondents said that they knew a great deal (15 percent) or a fair amount (53 percent) about how to protect themselves online.
- 70 percent “believe they will likely be a victim of at least one specific type of cyber crime over the next two years, and most feel there would be a big personal impact.” For example, 42 percent thought that they would have money stolen, but that the money reimbursed, while 27 percent thought that they would have money stolen and not reimbursed.
- Cyber-Defense: The NCSC took down 177,335 phishing URLs, 62.4 percent of which were removed within 24 hours, and produced 154 threat assessments
- Cooperation and Training: The NCSC enabled 2,886 small businesses across the United Kingdom to do simulated cyber exercising for themselves
The Review also contained a number of details regarding “Operation Haulster,” which the NCSC described as a “pioneering” collaboration between the NCSC and the private sector. Haulster
takes stolen credit cards collected by the NCSC and partners, then, working with UK Finance, repatriates them to banks, often before they are ever used for crime. Card providers are then able to block cards to block cards to protect both financial institutions and the public. In most cases, this has been done before a crime has taken place, meaning hundreds of thousands of victims of high-end cyber crime were protected before they lost a penny.
Haulster reportedly has already flagged “fraudulent intention against more than one million stolen credit cards,” and now “is in the process of scaling this operation,” in hopes of reducing considerably more attacks in the near future.”
N.B.: Cybersecurity teams at companies doing business in the United Kingdom should read the Review, to learn more about public attitudes towards cybercrime and the NCSC’s cyberdefense and outreach efforts. Given the rapid pace at which new exploits can be successfully devised and launched, and the sheer number of cyberattacks, increasing public-private cooperation on cybersecurity issues is more important than ever.