National Cyber Security Centre report details cybersecurity threats and responses
The National Cyber Security Centre has prevented thousands of attacks and helped manage the response to widespread cyber threats in the UK in the past year, its report has revealed.
To mark its first year anniversary, the NCSC - part of GCHQ - has released a report that explores its impact in the past 12 months, from developing the UK's cyber defence to reacting to the WannaCry ransomware.
Of the 1,131 cyber incidents reported in the past year, around 590 were deemed significant and 30 of these were then assessed as being sufficiently serious to require a cross-governmental response.
One of these incidents was the cyber-attack on the UK Parliament on 25 June, 2017, in which "email accounts of UK MPs, Peers, their staff and parliamentary officials were the subject of a sustained and determined cyber-attack."
However, those email addresses targeted were because of weak passwords, and that far fewer than 1% of all accounts were compromised, says the report.
On 12 May, the NCSC - and the world - faced "its biggest test of the year" in the form of WannaCry.
With parts of the NHS on shutdown after outdated systems were infected with the ransomware, the first ministerial COBR meeting was called following a cyber-attack.
With the incident affecting 47 NHS Trusts and Foundation Trusts, the NCSC worked with NHS England's emergency response teams to offer victim support, as well as divert ambulances and operations to alternative locations.
At the launch of NCSC's new headquarters in Nova South, Chancellor Phillip Hammond said: "I know how significant the digital sector is for the UK economy - worth over £118bn per year."
"This cutting-edge centre will help to cement our position as a world leader in cyber-security and ensure our country remains resilient against potential attacks."
Report: Financial institutions face cloud-based threats
Over one year into the pandemic, different financial institutions report costly consequences to falling short of protecting their data storage from cloud-based attacks and network disruptions. The report is based on more than 800 responses from IT professionals working in the financial services industry in North America, Latin America, Europe, and the Asia-Pacific region.
- Data breaches are an increasingly significant cost burden for the industry: Worldwide, financial firms that experienced a data breach reported estimated average losses of roughly $4.2 million per attack, with U.S. organisations hit hardest at $4.7 million in estimated losses.
- Network outages also result in costly burdens: Institutions lose an estimated $3.2 million on average with Asia-Pacific followed by European institutions carrying the heaviest losses at $4.3 million and $3.1 million respectively.
- The industry remains a popular target for cloud-based attacks: Over half of all organisations (54%) surveyed suffered a data breach in the last 12 months with 49% plagued by a cloud malware attack as well.
- Cloud and network-based attacks will continue to be a major threat vector: More than 50% of respondents expect to face a combination of IoT attacks, cloud vulnerabilities including misconfigurations, and data manipulation attempts over the next 12 months.
- Threat resolution teams are embracing network visibility for security hygiene: Globally, network monitoring (76%), threat intelligence (64%), and threat hunting (57%) are considered the most effective mitigation tactics against these threats.
Even before the pandemic, tech companies were increasingly seeking moves to the cloud. The COVID-19 crisis has accelerated the adoption of cloud computing by the financial sector as part of its process of digitalisation. As companies transition and move data, there can be a lack of protection due to a number of factors such as undertrained staff and insufficient firewalls.
“The financial services sector has long been a target for bad actors who are following the cyber money trail into the cloud,” said Anthony James, VP of Product Marketing at Infoblox. “As the pandemic pushed IT infrastructures to rely on remote work, cloud-based technologies that enabled digital transformation also created soft spots for cyber criminals to exploit.”
“This report shows us that cloud compromise has become the biggest cybersecurity issue for financial institutions and the investments they are making to protect themselves,” James continued.