The UK Will Be Hit By A Category One Cyber-Attack

Uploaded on 2018-11-12 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

The UK has not yet faced what would be considered a ‘category one’ cyber-attack, but there is little doubt that it will happen in the years ahead, according to Peter Yapp, the deputy director at the National Cyber Security Centre, which is a core part of the UK government intelligence agency, GCHQ.

Speaking at the inaugural Cyber Security Connect UK conference held in Monaco recently, Yapp explained that since the NCSC was launched over two years ago, it had dealt with 1100 cyber security incidents, or more than 10 a week.

“The majority of these incidents were from hostile nation states, meaning computer hackers that are directed, sponsored or tolerated by governments of those countries and these are the most acute and direct cyber security threats to our national security,” he said.

As a result of these continuing attacks, and the looming prospect of being hit by a devastating category one attack, Yapp suggested that the UK had to be alert to the threat from countries who sought to attack its critical national networks.

“That’s why earlier this year, the NCSC joined forces with the US government to publish evidence that Russia had attacked critical parts of our national infrastructure. This was a landmark act, as it called out both unacceptable practices but also provided the tools to clean up that particular attack,” Yapp claimed.

However, while the nation states represent the most acute threat, it is low sophistication, high volume cyber-attacks that are the ones most likely to cause the average British citizen harm, he added. This is because the incidents themselves can damage individuals and businesses but more importantly, can undermine the confidence citizens have in the digital economy.

Yapp emphasised that the NCSC has some of the best experts in the world working at NCSC to help combat the threat, but said that cybercrime doesn’t need to be beaten as this is unrealistic, but that NCSC and other government agencies need to make it as challenging, unprofitable and risky as possible for perpetrators.

One example of the work that NCSC has done is the active cyber defence (ACD) initiative, which uses automation to reduce some of the most common weaknesses in the UK’s cyber security defences.

“The programme aims to take away as much of the harm from as many people as we can, as often as we can, and this reduces the damage done by high volume cyber-attacks and frees our world class experts to focus on the most potent attacks,” Yapp said.

The programme has helped to slash the proportion of phishing sites hosted in the UK by 5.3% to 2.4%.

Yapp, who was speaking to C-level information security executive delegates, suggested that the next step was to equip every organisation with the tools they needed to protect themselves, starting with a better understanding of the risks.

“We aren’t asking organisations and citizens to have the same security as a nation state, but they do need to be good enough to repel the most common threats and contain those threats that do make it through. So understanding how cyber-attacks work is vital of getting ahead of the programme,” he said.

Forbes:

You Might Also Read:

Why Has The US Not Been Hit With A Devastating Cyber Attack?

Britain Needs A Cyber Army To Defend Against Prolific Attacks:

 

« Five Questions CEOs Are Asking About AI
How To Get Into Cyber Security: Tips, Strategy And Skills »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Forensic Control

Forensic Control

Forensic Control specialise in providing simple & straightforward Cyber Security to organisations, helping them assess, prevent and respond to cyber threats.

CloudPassage

CloudPassage

CloudPassage, a cloud security and compliance pioneer, safeguards cloud infrastructure for the world’s best-recognized brands.

DXC Technology

DXC Technology

DXC Technology helps global companies run their mission critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability.

CyberGuarded

CyberGuarded

CyberGuarded are an accredited vendor independent information security testing and auditing company.

Mantix4

Mantix4

Mantix4’s M4 Cyber Threat Hunting Platform actively defends against cyber threats.

Global Cyber Security Capacity Centre (GCSCC) - Oxford University

Global Cyber Security Capacity Centre (GCSCC) - Oxford University

GCSCC's work is focused on developing a framework for understanding what works, what doesn’t work and why – across all areas of cybersecurity capacity.

GLESEC

GLESEC

GLESEC offer a complete range of Cyber Security services from Operations & Intelligence Services to Auditing & Compliance and Simulation and Training.

Thrive

Thrive

Thrive delivers the experience, resources, and expertise needed to create a comprehensive cyber security plan that covers your vital data, SaaS applications, end users, and critical infrastructure.

Navixia

Navixia

As a leading Swiss IT security specialist, Navixia offers a global and pragmatic approach to information security.

Bigbee Technology

Bigbee Technology

Bigbee Technology are an IT solutions company based in Dar es Salaam founded by a group of professionals from around the globe.

CYOSS

CYOSS

CYOSS, an ESG Group company, is a specialist in Cyber Security and Data Analytics. We focus on the opportunities of a networked world and make security risks manageable.

Cynomi

Cynomi

Cynomi is a leading strategic cybersecurity operations platform that automates cybersecurity knowledge and expertise to empower teams with little to no in-house expertise.

IgmGuru

IgmGuru

Igmguru offers certification online training courses for IT professionals and students. Get certified with high-in-demand job-oriented professional courses.

Panoptic Cyber

Panoptic Cyber

Panoptic Cyber are a team of elite Armed Forces Veterans who hold a wealth of experience in Information Security, Cyber Security, Data Protection and Risk Management.

Synergy ECP

Synergy ECP

Synergy ECP has a talented, dedicated staff to provide a broad range of services to the defense and intelligence industries.

P3M Works

P3M Works

P3M Works delivers Cyber Security and Digital Transformation projects across both private and public sector clients.