The UK Will Be Hit By A Category One Cyber-Attack

Uploaded on 2018-11-12 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

The UK has not yet faced what would be considered a ‘category one’ cyber-attack, but there is little doubt that it will happen in the years ahead, according to Peter Yapp, the deputy director at the National Cyber Security Centre, which is a core part of the UK government intelligence agency, GCHQ.

Speaking at the inaugural Cyber Security Connect UK conference held in Monaco recently, Yapp explained that since the NCSC was launched over two years ago, it had dealt with 1100 cyber security incidents, or more than 10 a week.

“The majority of these incidents were from hostile nation states, meaning computer hackers that are directed, sponsored or tolerated by governments of those countries and these are the most acute and direct cyber security threats to our national security,” he said.

As a result of these continuing attacks, and the looming prospect of being hit by a devastating category one attack, Yapp suggested that the UK had to be alert to the threat from countries who sought to attack its critical national networks.

“That’s why earlier this year, the NCSC joined forces with the US government to publish evidence that Russia had attacked critical parts of our national infrastructure. This was a landmark act, as it called out both unacceptable practices but also provided the tools to clean up that particular attack,” Yapp claimed.

However, while the nation states represent the most acute threat, it is low sophistication, high volume cyber-attacks that are the ones most likely to cause the average British citizen harm, he added. This is because the incidents themselves can damage individuals and businesses but more importantly, can undermine the confidence citizens have in the digital economy.

Yapp emphasised that the NCSC has some of the best experts in the world working at NCSC to help combat the threat, but said that cybercrime doesn’t need to be beaten as this is unrealistic, but that NCSC and other government agencies need to make it as challenging, unprofitable and risky as possible for perpetrators.

One example of the work that NCSC has done is the active cyber defence (ACD) initiative, which uses automation to reduce some of the most common weaknesses in the UK’s cyber security defences.

“The programme aims to take away as much of the harm from as many people as we can, as often as we can, and this reduces the damage done by high volume cyber-attacks and frees our world class experts to focus on the most potent attacks,” Yapp said.

The programme has helped to slash the proportion of phishing sites hosted in the UK by 5.3% to 2.4%.

Yapp, who was speaking to C-level information security executive delegates, suggested that the next step was to equip every organisation with the tools they needed to protect themselves, starting with a better understanding of the risks.

“We aren’t asking organisations and citizens to have the same security as a nation state, but they do need to be good enough to repel the most common threats and contain those threats that do make it through. So understanding how cyber-attacks work is vital of getting ahead of the programme,” he said.

Forbes:

You Might Also Read:

Why Has The US Not Been Hit With A Devastating Cyber Attack?

Britain Needs A Cyber Army To Defend Against Prolific Attacks:

 

« Five Questions CEOs Are Asking About AI
How To Get Into Cyber Security: Tips, Strategy And Skills »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Adeptis Group

Adeptis Group

Adeptis are experts in cyber security recruitment, providing bespoke staffing solutions to safeguard your organisation against ever-changing cyber threats.

Cyber Exec

Cyber Exec

Cyber Exec is an executive search firm dedicated to global talent acquisition in Cyber Security, Information Technology, Defense...

CERT Syria

CERT Syria

CERT Syria is the national Computer Emergency Response Team for Syria.

Cymbel

Cymbel

Cymbel provides businesses and government agencies with the tools and expertise they need to manage the most complex security and compliance challenges.

Hypori

Hypori

Hypori is a virtual smartphone solution that makes truly secure BYOD a reality for organizations in healthcare, finance, government, and beyond.

LATRO Services

LATRO Services

LATRO Services is a complete solution provider to discover, locate, and eliminate telecom fraud.

Bitcrack

Bitcrack

Bitcrack Cyber Security helps your company understand and defend your threat landscape using our key experience and skills in cybersecurity, threat mitigation and risk.

Private Machines

Private Machines

Private Machines develops unique patent-pending technology protects cloud and data center workloads.

Software Improvement Group (SIG)

Software Improvement Group (SIG)

Software Improvement Group helps business and technology leaders drive their organizational objectives by fundamentally improving the health and security of their software applications.

Check Point Software Technologies

Check Point Software Technologies

Check Point Software Technologies is a leading provider of cyber security solutions to governments and corporate enterprises globally.

inWebo

inWebo

inWebo is the specialist in multi-factor strong authentication (MFA). We guarantee the security of data and identities in a digital world with increasingly important economic and political stakes.

ACDS (Advanced Cyber Defence Systems)

ACDS (Advanced Cyber Defence Systems)

ACDS was founded in the belief that cyber security can be done better. We’re combining emerging technologies and proven methods to bring a new approach to tackling the growing threat landscape.

Fraud.net

Fraud.net

Fraud.net operates the first end-to-end fraud management and revenue enhancement ecosystem specifically built for digital enterprises and fintechs globally.

Mother Technologies

Mother Technologies

From Datacentre to Desktop, Mother Technologies has been delivering IT Support, Telecoms, Cybersecurity and Connectivity services to businesses across Scotland and beyond since 2002.

UFS Technology

UFS Technology

UFS, the bank technology outfitter for community banks, provides purpose-built, bank-exclusive technology services and solutions including cybersecurity.

Clumio

Clumio

Clumio provides autonomous backup and recovery for critical cloud data.