This month’s cyber security round-up covers a report by the National Cyber Security Centre (NCSC) revealing it recieved 1,131 incident reports, with 590 classed as ‘significant’, a cyber expert’s response to the report and Yahoo admitting every account on its system at the time of the 2013 data breach was affected in the cyber attack.
National Cyber Security Centre responds to 590 significant incidents
A report marking the first anniversary of the National Cyber Security Centre (NCSC) reveals cyber experts received 1,131 incident reports, with 590 classed as ‘significant’. In a statement, it said while there is still much work to be done, in its first 12 months the organisation has prevented thousands of attacks, provided vital support for the UK’s Armed Forces and managed hundreds of incidents. It revealed that tens of millions of attacks are blocked every week by its industry partner implementing NCSC’s Active Cyber Defence programme.
“The NCSC has also made an impact on the future of cyber security, helping to foster a talent pipeline of the next generation of experts and working with business and academia to create a culture where technology can thrive”, the statement said.
Jeremy Fleming, director of GCHQ said the threats to the UK are evolving rapidly as technology advances. Our response has been to transform to stay ahead of them.”Ciaran Martin, CEO of the NCSC, said while they incredibly proud of what their achievements, “…the threat remains very real and growing – further attacks will happen and there is much more for us to do to make the UK the safest place in the world to live and do business online.”
The NCSC was created as part of the five year National Cyber Security Strategy (NCSS) announced in 2016, supported by £1.9billion of transformational investment.
Cyber expert responds to the National Cyber Security Centre report
Cyber security expert and lead at Mishcon de Reya, Joe Hancock, has responded to the National Cyber Security Centre report saying 1000 attacks may seem like a large number, but the reality is that these are the tip of the iceberg.
“The majority of attacks on business, government and third sector organisations go unreported and often undetected”, Hancock said. “Behind these high-profile incidents, there are the millions of online crimes that affect individuals every day.”
He said at Mishcon de Reya, they routinely deal with these issues “and it is clear to us that more needs to be done to support law enforcement in supporting both victims and responders to detect and recover from them better.”
“The NCSC is a critical part of the UK’s strategy to become one of the safest places to be online. We are keen to see this strategy broadened with further investment.”
Public and IT leaders worried about NHS’ ability to keep patient data safe, says report
Another report, specifically on cyber attacks on the NHS, explores how well prepared the NHS is for attacks, and how it might better protect itself to preserve the security of the UK and its people.
Following a series of high profile incidents earlier this year, tech giants VMware and Intel commissioned research among both the public and NHS IT leaders following a series of high profile cyberattacks. The top findings of the report, ‘Securing a new lifeline for the NHS’, are that consumers are concerned that the NHS can’t keep their data safe, and IT leaders fear harm to patients from widespread hacking of confidential data.
Almost 80 percent believe the NHS is at imminent risk of further cyber attacks, while two thirds are concerned about the NHS’ ability to protect their personal data from a successful cyber attack.
From an IT leaders point of view, almost a third of IT leaders believe hackers have infiltrated electronic patient data, with 62 percent concerned that attacks on equipment or facilities could result in patients coming to harm.
Yahoo accounts affected by 2013 cyber attack
Yahoo has revealed every single account on its system at the time of the 2013 data breach was affected in the cyber attack.
The historic hack, which occurred in 2013, could have resulted in the company losing the personal details and passwords of one billion accounts, it admitted. According to The Telegraph, the company said new intelligence suggests as many as 3 billion accounts were compromised in the attack, which was first revealed last December. It had previously admitted around 1 billion accounts were affected.
“Based on an analysis of the information with the assistance of outside forensic experts, Yahoo has determined that all accounts that existed at the time of the August 2013 theft were likely affected,” it said.
The breach saw email addresses, passwords, telephone numbers and birth dates at risk of having been taken. However, the stolen information did not include payment or bank account details.
Yahoo had urged all its users to change its passwords, though had specifically notified the 1 billion user accounts it thought were compromised. Yahoo has now sent emails to the additional 2 billion users believed to be affected, Yahoo reports.