The UK has been hit by more than 500 “significant” cyber attacks in the last year, security chiefs have revealed. Experts at the National Cyber Security Centre (NCSC) registered 1,131 incidents in the 12 months since the organisation began work in October 2016.
Officials classed 590 of the reported incidents as significant, with more than 30 assessed serious enough to require a cross-government response. Organisations targeted over the year ranged from key national institutions to small and large businesses.
NCSC chief executive Ciaran Martin described the cyber threat as “large, growing and diverse” – and warned further attacks are inevitable. He said: “Cyber security is crucial to our national security and to our prosperity.
“We’re incredibly proud of what we have achieved in our first year at the National Cyber Security Centre, bringing together some of the best cyber-security brains in the country in a single place.
“The threat remains very real and growing – further attacks will happen and there is much more for us to do to make the UK the safest place in the world to live and do business online.”
The NCSC, which is part of intelligence agency GCHQ, was established to spearhead efforts to counter the mounting danger from cyber-criminals and hostile states.
The most high-profile episode was the global ‘ransomware’ outbreak that affected dozens of NHS trusts in May, while in June email accounts were targeted in an attack on parliamentary networks.
More recently, Deloitte has confirmed that a hacker got into its email system and accessed the confidential details of “a few” clients. The attack, which could have gone unnoticed for months, has been played down by the firm, which earns vast fees from telling other people how to protect themselves against cyber attack. In fact, Deloitte’s cybersecurity business grew faster than any other area last year. Deloitte said that “no disruption has occurred to client businesses, to Deloitte’s ability to continue to serve clients or to consumers”.
And accountancy body CIMA has admitted that its website security was not tight enough, urging its students to change their passwords. CIMA admitted an unauthorised individual was able to access and view limited information about users on its CIMA Connect website, including contact IDs and email addresses.
CIMA’s advice to its students is worth repeating. The institute said they should use letters (upper and lower case), symbols and numbers. The combination should also be completely unrelated – ‘blue42UnicorN!’, for example – and avoid common phrases or song lyrics. The longer the password the better too – create a password with 10 characters or more. Finally, keep it unique, and try to use a different password for each of your online accounts.
Comments are closed.