Report shows growing cyber security threat to UK

Criminals are launching more online attacks on UK organisations than ever before, according to a major new report.

The Cyber Threat to UK Business, jointly authored by the National Cyber Security Centre (NCSC) and the National Crime Agency (NCA) in collaboration with industry partners, details some of the biggest cyber attacks from the last year. It also notes that risks to UK businesses continue to grow. Emerging threats include theft from cloud storage and cryptojacking, in which computers are hijacked to create crypto currencies such as bitcoin.

The report also highlights how legitimate software such as Medoc and CCleaner have provided attackers with a potential back door into networks, while noting how organisations are under increasing threat from supply chain weaknesses which can mean serious financial and reputational damage.

The authors of the report acknowledge that a basic cyber security posture is no longer enough and most attacks will be defeated by organisations that prioritise cyber security and work closely with government and law enforcement.

Ciaran Martin, Chief Executive of the NCSC, said: “This joint report brings together the combined expertise of the NCA and the NCSC. The key to better cyber security is understanding the problem and taking practical steps to reduce risk.

“This report sets out to explain what terms like cryptojacking and ransomware really mean for businesses and citizens, and using case studies, shows what can happen when the right protections aren’t in place.”

The report has been published to mark the start of CYBERUK 2018, the country’s biggest cyber security conference.

The event will see state-of-the-art industry and government displays on the exhibition floor demonstrating cutting edge technology to help the UK thrive in the digital age.

Simultaneously, a series of lectures keynotes, panel debates and workshops delivered around the NCSC’s four objectives – nurture cyber skills and understand, reduce and respond to attacks.

Earlier this year it was revealed that cyber security training for employees could help nearly half the UK workforce to be more aware of threats as one in five say they could not identify a phishing email.

Related reading