Over one in four security incidents handled by the U.K.’s National Cyber Security Centre (NCSC) last year were COVID-19 related cyberthreats. In its annual threat review report, the agency stated the number of attacks surged from an average of 600 incidents over the past three years to 723 incidents now. It was found that organizations in the U.K. suffered an average of 60 cyberattacks per month from September 2019 to August 2020. The report revealed details of 160 high-risk and critical vulnerabilities with trusts, including 51,000 indicators of compromise (IOCs).
The NCSC’s defense system took down over 15,000 COVID-related malicious campaigns last year and blocked nearly 260 Sender IDs for sending malicious SMS messages. In addition, the agency prevented over 166,000 phishing URLs, in which 65% were within a day and 2.3 million suspect emails were forwarded to its new Suspicious Email Reporting Service (SERS).
The NCSC also highlighted that it performed threat hunting on 1.4 million National Health Service (NHS) endpoints, and scanned over one million IP addresses to detect security weaknesses and applied its Active Cyber Defense services to 235 frontline health care providers with web, email security, and DNS protection.
Paul Chichester, NCSC Director of operations, said, “We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic. Working with our allies, the NCSC is committed to protecting our most critical assets and our top priority at this time is to protect the health sector. We would urge organizations to familiarize themselves with the advice we have published to help defend their networks.”
NCSC’s New Vulnerability Reporting Toolkit
Recently, NCSC released a new “Vulnerability Reporting Toolkit,” which is intended to help organizations manage their vulnerability disclosure processes in a simplified manner. The Toolkit is helpful for all types of organizations that are planning to implement a vulnerability disclosure process in their system. Read more…