What We Can Learn From the 2023 NCSC Annual Report

The National Cyber Security Centre (NCSC), an integral division of the Government Communications Headquarters (GCHQ), serves as the UK’s foremost technical authority in the realm of cyber security. Since 2016, its primary goal has been to enhance online safety within the UK, striving to create a secure environment for both living and working on the internet. Amidst the escalating complexities of the digital landscape, the NCSC aims to provide clarity and valuable insights.

Their annual review delves into the highlights and significant milestones achieved by the NCSC during its seventh year, as well as offering a glimpse into any upcoming challenges.

Given its role as a national security agency, not all of the NCSC's endeavours can be publicly disclosed. However, the annual review aims to capture the essence of the year by sharing insights and factual information acquired from both internal and external sources, shedding light on the organisation's activities.

In this blog, we’ve highlighted some of the key points from NCSC’s annual report.

Chapter 1: Threats and Risks

The ever-evolving global threats highlight how crucial the NCSC's role is as the UK’s foremost technical authority in cyber security. It is imperative for the NCSC to persistently identify, monitor, and analyse crucial cyber security threats, risks, and vulnerabilities. By doing so, the NCSC empowers and assists the broader government and society in proactively anticipating and effectively addressing both emerging and persistent challenges in the cyber realm, and cyber threats to critical national infrastructure.  

  • China's rapid rise as a technological powerhouse poses a major security challenge to the UK. There are signs of China-backed cyber groups using advanced tactics, directly threatening UK interests.  
  • Russia’s invasion of Ukraine in February 2022 has heightened the importance of the NCSC helping Ukraine to develop its cyber resilience. There is continuous cyber activity targeting Ukraine by Russia and Russian-aligned actors, including a series of distributed denial-of-service (DDoS) and data wiper attacks against the Ukrainian government and industry.
  • In January, the NCSC released an advisory emphasising the phishing activities directed at specific individuals within sectors of interest to Iran. In July, the UK government raised concerns about Iran's increased threat level, citing attempts to harm or abduct recognised opponents outside Iran, even within the UK. The NCSC continues to work closely with government and industry partners to understand and address cyber risks from Iran.
  • Ransomware remains a major cyber threat in the UK, prompting organisations to take proactive measures for protection. Cyber criminals primarily use data theft and encryption to maximise profits. However, a rising trend is data extortion attacks, where information is stolen without encryption, indicating a shift in cyber threats.
  • Fraud remains a major concern for UK businesses and citizens. Throughout 2021, over 80% of all reported fraud cases in the UK were linked to cyber activities, yet merely 32% of UK citizens believed they were susceptible to falling victim. In the preceding year, the Cyber Aware campaign by the UK government aided individuals and small businesses in enhancing their personal cyber resilience by advocating safe password practice (using a password based on three random words) and securing accounts by enabling two-step verification (2SV).
  • In 2023, a new cyber threat to Critical National Infrastructure (CNI) emerged alongside existing threats, involving state-aligned actors. Their cyber activities include distributed denial-of-service (DDoS) attacks, website defacements, and spreading misinformation.
  • AI technology is evolving rapidly. Opponents like hostile states and cyber criminals seek to exploit it for their own gain. It's expected that AI will enhance existing cyber threats rather than create new ones. There's a high likelihood that it will significantly speed up and amplify certain attacks. The NCSC and the government are actively working to assess and tackle potential AI-related threats and risks.

This year, the NCSC received a record 2,005 cyber incident reports, a 64% increase from the previous year's 1,226. Among these, 327 incidents involved data extraction. The NCSC also issued 24.48 million notifications through their Early Warning service, emphasising the urgent requirement for stronger cyber security measures in today's digital environment.

Chapter 2: Resilience

The NCSC is dedicated to strengthening the UK's cyber resilience for both economic and national security interests. Their interventions aim to prepare, respond, recover, and learn from cyber attacks, striving to make the UK the safest online environment for living and working.

  • Since the release of the National Cyber Strategy 2022, the government has focused on ensuring national online safety and fostering growth in the cyber industry. Trust groups comprising individuals from various industries have successfully raised cyber resilience across sectors by providing guidance and information for businesses, big and small.
  • The NCSC is actively developing the Share and Defend capability to enable the swift sharing of government and industry data on malicious domains. This initiative helps service providers proactively protect citizens and small organisations from potential threats.
  • The Funded Cyber Essentials Programme, initially targeting vulnerable small organisations in the legal aid and charity sectors, extends funding and technical support for obtaining Cyber Essentials Plus certification.  
  • In its sixth year, the Active Cyber Defence (ACD) collection of products and services significantly bolsters the UK's defence against cyber attacks by distributing threat intelligence, mitigating vulnerabilities, and responding to breaches amidst evolving threats and exploits.

Chapter 3: Ecosystem

  • The UK's cyber security sector is valued at £10.5 billion, housing nearly 2,000 firms and employing over 58,000 people, reflecting a demand for skilled professionals. It's a leading sub-sector in UK security exports, growing from £4 billion in 2020 to £5 billion in 2021.
  • The NCSC's CyberFirst programme, aimed at engaging youth in cyber security, engaged nearly 9,000 girls in last year's Girls Competition. Their Schools & Colleges initiative expanded, recognising 105 institutions for exceptional technology and cyber security teaching.  
  • The NCSC's Industry 100 (i100) initiative saw continued growth, with 41 new participants, expanding the community to 123. Notable achievements include integrating Fujitsu into i100 and contributing expertise to initiatives such as the UK Legal Sector Cyber Threat report, NCSC's Cyber Security Toolkit for Boards, and the Cross Financial Sector Incident Playbook.

Chapter 4: Technology

Technology's advancement brings an evolving cyber threat landscape. ChatGPT's launch triggered significant interest in Artificial Intelligence (AI), extensively covered in national news. The NCSC conducted thorough AI security research, collaborating with global partners and engaging the UK's public and private sectors to harness AI's benefits while addressing risks.

  • In the rapidly evolving realm of AI, integrating cyber security throughout its life cycle is crucial. The NCSC aims to prioritise cyber security as a fundamental requirement for ensuring the safety, reliability, consistency, and ethical conduct of AI systems, advocating a 'secure by design' approach from inception. A good start for organisations that are looking to incorporate AI into their operational processes would be to develop an AI acceptable use policy.
  • The NCSC's latest research problem book guides cyber security research toward critical challenges hindering improvements. Establishing Principles-Based Assurance (PBA) heavily involves industry partnerships. Initiatives like the national network of Cyber Resilience Test Facilities (CRTFs) independently assess technologies, enhancing cyber resilience on a national scale. Recognising technology's global reach, the NCSC emphasises mutual recognition between PBA and other assurance schemes. International collaborations across UK government departments aim to maximise the new assurance regime's impact globally.
  • Telecommunications networks underpin the UK's digital infrastructure and economy. The Department for Science, Innovation, and Technology (DSIT) inaugurated the UK Telecommunications Lab in Solihull, operated by the National Physical Laboratory (NPL), enhancing telecoms equipment security. The NCSC's guidance in telecoms security has been instrumental in driving the lab's success, a milestone achieved through collaboration between DSIT, NCSC, and NPL, initiated in 2019 and realised in 2023.

Conclusion

This year's assessment highlights the NCSC's efforts to educate and empower individuals for secure online navigation in the UK. Looking to 2024, safeguarding democratic processes will be a key focus, especially with pivotal elections approaching. The NCSC is committed to adaptability, emphasising emerging technologies like AI and quantum computing. Strengthening partnerships, both nationally and globally, remains a top priority. CYBERUK will relocate from Belfast to Birmingham in 2024, extending the NCSC's influence across the UK.

At Sharp, we advocate a multi-layered approach to cyber security, beginning with fostering a security-aware culture within your organisation.  