In the last 12 months, the UK has been hit by more than 30 cyberattacks that were so serious as to “require a cross-government response”.
A subsidiary of GCHQ, the National Cyber Security Centre (NCSC) was launched last year and has released a report to mark its first anniversary, detailing its work and the threat landscape it has faced so far. Since October 2016, the centre has received 1,191 cyber incident reports, of which 590 were “classed as significant”.
In excess of 30 of these saw the NCSC leading the government in orchestrating a national response.
“We are learning more from every incident, and our first year has taught us there are benefits to working even more closely with law-enforcement agencies,” the centre said. “Much progress has already been made, supported by National Crime Agency officers embedded within our incident-management team, and we continue to work ever more closely together.”
Three months ago, NCSC launched a number of services designed to help the public sector stay safe online. According to the centre, its strategy for blocking fake emails has already helped prevent 79,567 attacks, and reduced the average amount of time a phishing site is active from 27 hours to just one hour. Meanwhile, its Domain Name Service for logging dangerous sites resulted in 20,410 domains being blocked in August, the NCSC said.
Ciaran Martin, chief executive officer of the NCSC, said that the centre had played a crucial role in helping departments to reduce the risk of attacks and protect critical national assets.
"Over the course of the past year we produced over 200,000 protected items for Armed Forces communications," he said.
"We have supported the Cabinet Office in developing more secure communications for key government organisations, and the Home Office in ensuring the security of new mobile communications for our vital emergency services."
The NCSC - which was set up to have a more outward-facing role than GCHQ - said that one of the important ways in which it differs from similar organisations that preceded it is the remit to function not just in the service of central government, but also to help the wider public sector and commercial enterprises.
To which end it recently held a Digital Government Loft event in London, which enabled local-government, health, and emergency-services professionals to avail themselves of advice from the centre’s cybersecurity experts. Similar events are now planned for Scotland, and Shipley, in West Yorkshire.
Jeremy Fleming, director of GCHQ, said that the threats to the UK are evolving rapidly as technology advances.
He continued: “The NCSC is a pivotal part of that transformation. It is a critical component not only of GCHQ, where it benefits from the data and expertise it has access to as part of the intelligence community, but of how the government as a whole works to keep the UK safe.
“The NCSC has brought together unparalleled skills, capabilities and partnerships and in its first year has made enormous strides in increasing and improving our cyber capabilities. It is in the front line in protecting the UK against a growing number of cyber attacks.”