The National Cyber Security Centre (NCSC) recently released its fifth annual review of the state of cybersecurity in the United Kingdom. The report is presented under five headings including an analysis of and response “The Threat,” advice for resilience, advances in threat detection and prevention technology, improving the cybersecurity ecosystem, and global leadership.

The overarching message of the report is to provide safety for all online activities of all UK citizens. This is achieved through a transparent approach. As stated by Lindy Cameron, CEO of the NCSC, “A big part of the NCSC’s mission involves sharing and collaborating with organizations and the public.”

What’s in the NCSC Report?

Whilst the first section is innocuously titled “The Threat,” it not only identifies the observed threats of the prior year, but it also reveals the methods used to detect and deter them. As anticipated, ransomware remained a top concern, with those events having tripled compared to 2019. The COVID-19 crisis also factored into the threat landscape. The newest threat, introduced on a large scale, was that of the supply chain attacks, as evidenced in the SolarWinds attack. In April, the NCSC assessed that Russia’s Foreign Intelligence Service (SVR) was highly likely to have been responsible for the attack.

Attacks such as the SolarWinds event have real-world impacts. According to the report, goods and services were directly affected. In fact, “Due to the interconnected nature of cyberspace most major attacks carried out overseas caused an impact in the UK.” The NCSC responded in the Solar Winds attack by identifying affected organizations and sectors, which further aided the investigation, providing technical advice and support. Ultimately, a technical advisory with mitigation advice was issued by the NCSC in partnership with four other agencies.

It brings comfort to know that an entire consortium of governmental (Read more...)