The UK Will Be Hit By A Category One Cyber-Attack

The UK has not yet faced what would be considered a ‘category one’ cyber-attack, but there is little doubt that it will happen in the years ahead, according to Peter Yapp, the deputy director at the National Cyber Security Centre, which is a core part of the UK government intelligence agency, GCHQ.

Speaking at the inaugural Cyber Security Connect UK conference held in Monaco recently, Yapp explained that since the NCSC was launched over two years ago, it had dealt with 1100 cyber security incidents, or more than 10 a week.

“The majority of these incidents were from hostile nation states, meaning computer hackers that are directed, sponsored or tolerated by governments of those countries and these are the most acute and direct cyber security threats to our national security,” he said.

As a result of these continuing attacks, and the looming prospect of being hit by a devastating category one attack, Yapp suggested that the UK had to be alert to the threat from countries who sought to attack its critical national networks.

“That’s why earlier this year, the NCSC joined forces with the US government to publish evidence that Russia had attacked critical parts of our national infrastructure. This was a landmark act, as it called out both unacceptable practices but also provided the tools to clean up that particular attack,” Yapp claimed.

However, while the nation states represent the most acute threat, it is low sophistication, high volume cyber-attacks that are the ones most likely to cause the average British citizen harm, he added. This is because the incidents themselves can damage individuals and businesses but more importantly, can undermine the confidence citizens have in the digital economy.

Yapp emphasised that the NCSC has some of the best experts in the world working at NCSC to help combat the threat, but said that cybercrime doesn’t need to be beaten as this is unrealistic, but that NCSC and other government agencies need to make it as challenging, unprofitable and risky as possible for perpetrators.

One example of the work that NCSC has done is the active cyber defence (ACD) initiative, which uses automation to reduce some of the most common weaknesses in the UK’s cyber security defences.

“The programme aims to take away as much of the harm from as many people as we can, as often as we can, and this reduces the damage done by high volume cyber-attacks and frees our world class experts to focus on the most potent attacks,” Yapp said.

The programme has helped to slash the proportion of phishing sites hosted in the UK by 5.3% to 2.4%.

Yapp, who was speaking to C-level information security executive delegates, suggested that the next step was to equip every organisation with the tools they needed to protect themselves, starting with a better understanding of the risks.

“We aren’t asking organisations and citizens to have the same security as a nation state, but they do need to be good enough to repel the most common threats and contain those threats that do make it through. So understanding how cyber-attacks work is vital of getting ahead of the programme,” he said.

Forbes:

You Might Also Read:

Why Has The US Not Been Hit With A Devastating Cyber Attack?

Britain Needs A Cyber Army To Defend Against Prolific Attacks:

 

« Five Questions CEOs Are Asking About AI
How To Get Into Cyber Security: Tips, Strategy And Skills »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Grid32

Grid32

Grid32 provides independent computer system and physical security audit services to government and corporate clients of all sizes.

Promon

Promon

Promon is an application security vendor providing Self-Protection abilities to Mobile apps and Desktop applications.

EG-CERT

EG-CERT

EG-CERT is the national Computer Emergency Response Team for Egypt.

Sigma Payment Solutions

Sigma Payment Solutions

Sigma Payment Solutions offers a comprehensive suite of automated payment processing services, solutions, and technology to businesses in the USA.

SecureBrain

SecureBrain

SecureBrain software and services help protect against Japanese-specific cybercrime and global internet security threats such as online fraud, phishing, drive-by downloads and malware attacks.

RazorSecure

RazorSecure

RazorSecure offers products and services to enhance railway cyber security, by protecting and monitoring networks and key systems.

CSL Group

CSL Group

CSL solutions provide complete end-to-end connectivity services for Security, Fire, Telecare and other mission critical M2M/IoT applications.

Swiss Cyber Storm

Swiss Cyber Storm

Swiss Cyber Storm is a non profit organization hosting the international Swiss Cyber Storm Conference and running the Swiss part of the European Cyber Security Challenges.

Miratech

Miratech

Miratech is a global IT services and consulting organization offering a full range of IT infrastructure solutions and services including cyber security.

2Keys

2Keys

2Keys designs, deploys and operates Digital Identity Platforms and Cyber Security Platforms through Managed Service and Professional Service engagements.

Human Security

Human Security

Human (formerly White Ops) Bot Mitigation Platform enables complete protection from sophisticated bot attacks across advertising, marketing and cybersecurity.

RapidScale

RapidScale

RapidScale’s managed cloud solutions provide reliable, innovative, and secure services, all complete with white-glove service and full management options.

Trusted Security Solutions (TSS)

Trusted Security Solutions (TSS)

TSS are specialist in IT Security and providing Cybersecurity Solutions & Services combined with storage and backup.

Ermes

Ermes

Ermes – Intelligent Web Protection provides companies with a solution that effectively secures them against web threats.

Bridgenet Solutions

Bridgenet Solutions

Bridgenet specialises as a top-notch Information and Technology Solutions Provider for businesses.

Endari

Endari

Endari specializes in building cybersecurity maturity within the operational DNA of early-stage startups and SMBs.