Brian Sims
Editor
Brian Sims
Editor
AN ONLINE service which alerts organisations to potential cyber attacks affecting their networks has been launched by the country’s cyber security experts. The new Early Warning service from the National Cyber Security Centre (NCSC) – a part of GCHQ – is designed to help organisations defend against cyber attacks by providing timely notifications about possible incidents and security issues.
The free service automatically filters through trusted threat intelligence sources to offer specialised alerts for organisations such that they can investigate malicious activity and take the necessary steps to protect themselves.
Organisations are being encouraged to sign up for Early Warning, which was launched on the first day of the NCSC’s CYBERUK virtual gathering during which Home Secretary Priti Patel gave a keynote speech. The launch follows on from a successful trial involving users representing a range of sectors.
Eleanor Fairford, the NCSC’s deputy director for incident management, said: “When it comes to defending against online threats, having relevant and timely alerts you can trust about malicious activity is vital for any organisation. The NCSC’s new Early Warning service delivers on this by providing organisations with specialised alerts about potential cyber threats affecting their networks.”
Fairford continued: “We encourage organisations to sign up for this service. It will help them to resolve security issues quickly and reduce the risk of serious harm being done.”
Point of support and contact
One of the NCSC’s key roles is to be a point of support and contact for organisations reporting cyber incidents. Early Warning is the latest Active Cyber Defence (ACD) service aimed at helping them improve their cyber resilience.
Subscribing to Early Warning comes with a number of unique benefits, including alerts based on an organisation’s network details and access to information feeds that are unavailable elsewhere.
Organisations will receive different types of alert covering possible network compromises, notification of how their assets have been associated with undesirable activity or about their networks running vulnerable services that may need updating.
The Early Warning service is designed to fit into an organisation’s wider defence strategy and also complement existing cyber security controls by adding another layer of defence.
Protection during pandemic
Cyber security experts in the UK have overseen a massive fifteen-fold increase in the number of scams removed from the Internet. In its fourth Annual Report on the ACD Programme, the NCSC disclosed that it has taken down more scams in the last year than in the previous three years combined as the organisation moved to further protect the UK public and critical services such as the NHS during the Coronavirus pandemic.
The ACD Programme is a pioneering service which protects the UK from millions of cyber attacks and which was expanded during 2020.
The NCSC’s response to the pandemic included the introduction of the hugely successful Suspicious e-Mail Reporting Service, a new feature of the ACD Programme launched in April last year which received nearly four million reports of suspect e-mails from members of the public last year alone.
The organisation also worked with allies to call out hostile state activity and exposed Russian attacks on Coronavirus vaccine development. To help ensure young people were able to continue learning valuable cyber security skills, the NCSC also moved its CyberFirst courses online for the first time, in turn leading to record numbers of sign-ups.
Lindy Cameron, CEO at the NCSC, said: “The ACD report offers a helpful insight into just some of the ways in which the NCSC has adapted to protect the UK during the pandemic. Whether it has been protecting vital research into the vaccine or helping people to work from home securely, the NCSC has worked with partners to protect the digital homeland during this unprecedented period.”
Dr Ian Levy, technical director of the NCSC, added: “The ACD Programme is truly a collaborative effort. It’s thanks to our joint efforts with partners both at home and internationally that we’ve been able to significantly ramp up our efforts to protect the UK. This has never been more important than in the last year, where it was vital for us to do everything we could to protect our most critical services and the wider public during the pandemic. The bold defensive approach taken by the ACD Programme continues to ensure our national resilience. I urge public bodies, companies and the general public to sign up to the services available and help everyone stay safe online.”
Areas of focus
One particular area of focus for the ACD Programme last year was protecting the NHS. The Annual Report details efforts designed to monitor for attacks that sought to harvest NHS credentials and potentially compromise critical systems. In 2020, the ACD Programme detected 122 phishing campaigns using NHS branding compared to 36 in 2019.
Among the lures were those using the COVID-19 NHS vaccine roll-out, the first of which was picked up in December. Others included fake or unofficial copies of the NHS Test and Trace mobile app, with the removal of 43 instances of NHS apps hosted and available for download outside of the official Apple and Google app stores.
Beyond the NHS, other areas protected included TV Licensing, which saw a surge in attacks that corresponded with news of changes to TV Licensing entitlements for UK pensioners during July 2020.
While the level of Brexit-themed UK Government phishing was low during 2020, attempts to clone part of the gov.uk website were identified in December. The attack was taken down promptly and the relevant departments notified.
