UK targeted in hundreds of cyber attacks and a million credit card fraud bids

By Flora Thompson, PA Home Affairs Correspondent

The UK was targeted in more than 600 cyber attacks in the last year and security services handled over a million cases of suspected credit card fraud.

The National Cyber Security Centre (NCSC) said it had dealt with 658 attacks between September 1 2018 and August 31 this year, out of a total 1,800 since it was set up in 2016.

Intervention by cyber security experts meant thousands of people were saved from losing any money, according to the centre.

But it has so far been unable to confirm how many of the cases were disrupted or prevented, though it warned a “significant number of incidents continue to come from hostile nation states”.

The NCSC said it had dealt with 1,800 attacks since it was set up in 2016 (Dominic Lipinski/PA)

The figures were revealed on Wednesday in the centre’s third annual review, which sets out its work to protect the public.

It said the launch of Operation Haulster saw any fraudulent intentions against more than a million credit cards automatically flagged to banks, and in the majority of cases before a crime had taken place.

This meant hundreds of thousands of people were protected “before they lost a penny”, according to the review.

Ciaran Martin, the centre’s chief executive, praised the successful operations but said “there is of course much work to do”, adding: “A significant proportion of our work has continued to take the form of defending against hostile state actors.

“We can say that Russia, China, Iran and North Korea continue to pose strategic national security threats to the UK, but we can’t often talk about the operational successes.

“The most immediate threats to UK citizens and businesses come from large-scale global cyber crime.

“Despite often being low in sophistication, these attacks threaten our social fabric, our way of life and our economic prosperity.”

The centre, which is part of the Government Communications Headquarters (GCHQ), was set up as part of a £1.9 billion cyber security strategy.

The Government, academic bodies, IT, service providers, as well as health and transport organisations are among those which regularly call on the centre for support.

The report also highlighted other parts of the centre’s work, including:

– How it used new technology to speed up how information about threats is shared. Previously it has taken several hours for officials to be able to share information relating to threats to the UK, but the machine can identify what can be shared in a matter of seconds, though the final decision still lies with a person.

Oliver Dowden, Cabinet Office minister responsible for cyber security strategy, responded to the report (David Mirzoeff/PA)

– The centre also runs the Active Cyber Defence (ACD) programme which finds malicious sites and sends notifications to the host to get them removed. It has led to 98% of phishing URLs which were discovered to be malicious being taken down – a total of 177,335. Of those, 62.4% were removed in the first hour.

– Officials meet with UK political parties every three months and provide cyber security advice in a bid to protect the democratic process, something it did during this year’s local and European elections.

Oliver Dowden, Cabinet Office minister responsible for the country’s cyber security strategy, said the report showed the success of efforts to make the “the UK a more challenging place for our cyber adversaries to operate in”.

He added: “Any digital economy must be alert to new threats, and to changes in existing threats.

“The NCSC operates in a complex landscape in which the contours are constantly changing and there is no room for complacency.

“Securing the internet is a 24/7 challenge, 365 days a year, and cannot be shouldered by any one organisation.

“This is a long-term mission, and I congratulate the NCSC for helping to build a pipeline of specialist talent for the future to achieve this.”

On Monday it emerged the centre had rumbled an alleged Russia-based group of cyber hackers masquerading as Iranian crooks after targeting a UK victim.

It spent more than 18 months investigating the Turla terror group – which routinely targets governments, the military, technology, energy and commercial organisations to collect intelligence – after an unnamed “UK academic organisation” was compromised.

The centre has also reported the number of girls applying for cyber security courses has risen by nearly 50% in a year.

It said the number of female applicants was up 47%, and the overall number of those applying rose by 29%.