National Cyber Security Centre’s Annual Review 2022
The National Cyber Security Centre (NCSC) has issued its Annual Review of 2022, looking back over key developments and highlights. Here we list a few of the observations from the beginning of the review illustrating the amount and types of threats that we all face. The report also includes positive activity that is being undertaken to ensure greater UK cyber security, so we’d recommend you take a read. Additionally, if you need to chat through any of the issues and how they could impact your business, we are always here to help.
The UK is the third most targeted country for cyberattacks, behind only the USA and Ukraine. Whilst this sounds scary, we must also recognise that the NCSC have immense facilities for people and businesses to report attacks, making the UK numbers more accurate than most.
Cyber Security & Resilience
It is clear the cyber security threat is diversifying and evolving. Cyber criminals are always looking for new ways to attack so we all need to try and stay ahead of them.
To enhance current defences, we must increase our efforts to improve levels of cyber resilience. This is where we know how to deal with an attack when it happens in order to minimise the impact. Building cyber resilience and maturity is fundamental to the UK’s economic and national security interests. This means having strong cyber defences where most attacks are prevented or blunted, and the ability to prepare, respond, recover and learn when attacks get through.
Sir Jeremy Fleming, Director of GCHQ, states that cyber security will continue to be pivotal to our nation’s success. Pretty strong words, and we can’t help but agree. Without layers of current cyber security, we are all vulnerable.
Ransomware remains the most acute threat that businesses and organisations in the UK face. Over the last year, the cyber security threat to the UK has evolved significantly. The threat from ransomware was ever present – and remains a major challenge to businesses and public services in the UK. This year, 18 ransomware incidents required a nationally coordinated response, including attacks on a supplier to NHS 111, and a water utility company, South Staffordshire Water. Worried about Ransomware – ask us for help.
Email & Social Media
The most significant threat facing citizens and small businesses continued to be from cybercrime, such as phishing, while hacking of social media accounts remained an issue. Official figures revealed there were 2.7m cyber-related frauds in the 12 months to March 2022. Members of the public reported over 10.5 million suspicious emails, resulting in the take down of 76,000 online scams, highlighting how we’re all becoming more aware of phishing. But don’t get complacent – think before you click.
Supply chain attacks are an example of how our increasingly complex technology ecosystem can be exploited. Where organisations cannot directly be compromised, an adversary can take advantage of lax security somewhere in that organisation’s digital supply chain. Wherever we are in the supply chain we must take responsibility – we wouldn’t want to be the recipient of an attack caused by others and wouldn’t want to be the cause of another business getting hit.
Finally, it was revealed that 39% of businesses in the UK had suffered a cyberattack over the previous 12 months, 20% of which faced a material outcome, such as loss of money or data. This startling figure reminds us how vital it is that we do our utmost to stay ahead of the criminals. If you need advise on staying cyber-secure, let us help.