UK suffered 590 significant cyber-attacks in the last 12 months, says NCSC director

UK suffered 590 significant cyber-attacks in the last 12 months, says NCSC director

UK suffered 590 significant cyber-attacks in the last 12 months

The UK faced as many as 590 significant cyber-attacks in the last year, 30 of which were Category 2 attacks, the NCSC's Director of Operations has revealed.

The NCSC's Director of Operations believes it is only a matter of time before the UK faces a Category 1 cyber-attack.

Speaking to BBC Radio 4's Today programme this morning, Paul Chichester, the Director of Operations at the National Cyber Security Centre, said the UK suffered as many as 590 significant cyber-attacks in the last year, and that he fears there will be more in the coming days.

Of all cyber-attacks that the country faced in the last year, as many as 30 were Category 2 attacks. These attacks are the ones that create major disruptions and require a cross-departmental response. Major ransomware attacks like WannaCry and NotPetya were listed as Category 2 attacks by the NCSC.

"We saw a small scale event ramp up very quickly into a national event. The threat is increasing; you can see criminals and nation states really starting to see the power and the opportunities that attacks in cyberspace can offer them," he said during the programme.

Security firm Gemalto's Breach Level Index for the first half of 2017 has revealed that business organisations, healthcare firms and tech companies lost more than 28 million data records to cyber criminals. Of these, 26 million were lost in a single incident suffered by the NHS.

According to data obtained by security research firm Corero through a Freedom of Information request, as many as 39% of critical infrastructure organisations in the UK, including fire and rescue services, police forces, ambulance trusts, NHS trusts, energy suppliers, and transport organisations have not completed the government-mandated '10 Steps to Cyber Security’ programme.

This is despite the fact that the 10-step cyber security programme was published back in 2012. Corero said that this indicates 'a lack of cyber resilience within organisations which are critical to the functioning of UK society'.

The lack of preparation on part of critical infrastructure firms, NHS organisations, as well as large and medium businesses to guard against cyber-attacks in the future has increased the possibility of such firms falling victims to future attacks. Use of legacy systems has also endangered the security of other critical assets like the Trident nuclear submarines, aircraft carriers, nuclear power plants and other energy firms.

The threat level is so high that Ciaran Martin, the chief executive of the National Cyber Security Centre, believes that a Category 1 cyber-attack could be around the corner.

"Those are the two areas where we've seen the greatest threat, not just what we've been worried about as we've monitored intrusions against the UK, but also we've seen those attacks realised in other countries," he said.

Copyright Lyonsdown Limited 2020

Top Articles

Universal Health Services lost $67m to a Ryuk ransomware attack last year

Universal Health Services said the cyber attack cost it $67 million in remediation efforts, loss of acute care services, and other expenses.

How the human immune system inspired a new approach to cyber-security

Artificial intelligence is being used to understand what’s ‘normal’ inside digital systems and autonomously fight back against cyber-threats

Solarwinds CEO blames former intern for hilarious password fiasco

SolarWinds has accused a former intern of creating a very weak password for its update server and storing it on a GitHub server for months.

Related Articles