Cyber Security and Covid-19: A Record Number of Incidents
In the latest National Cyber Security Centre (NCSC) annual review, it has been revealed that over a quarter of cyber security incidents have been related to Covid-19. Let’s take a closer look at the findings.
More cyber threats than ever before
The NCSC is the UK’s technical authority for cyber threats and works to make the UK a safe place to live and work online. In its annual review, it looks back at some of the key developments and highlights from the year, and how it has tackled more cyber threats than ever before.
The findings have exposed a record number of cyber security incidents between September 2019 and August 2020, with 723 serious incidents being handled, and over 200 of these being related to Covid-19.
Lindy Cameron, CEO of the NCSC said: “We scanned more than one million NHS IP addresses for vulnerabilities and our cyber expertise underpinned the creation of the UK’s coronavirus tracing app. An innovative approach to removing online threats was created through the ‘Suspicious Email Reporting Service’ – leading to more than 2.3 million reports of malicious emails being flagged by the British public. Many of the 22,000 malicious URLs taken down as a result related to coronavirus scams, such as pretending to sell PPE equipment to hide a cyber attack.”
Balance of threats
The world changed in 2020 and so did the balance of threats. This meant that the NCSC had to work extra hard, taking proactive measures to defend the UK from coronavirus-related threats. When many organisations moved to remote working, advisories were issued about how cyber criminals were seeking to exploit the pandemic for profit, and guidance was updated on how to spot and deal with suspicious emails, calls and texts (including coronavirus-based scams).
Nicky Hudson, NCSC Director of Policy & Communications commented, “We know that cyber criminals are opportunistic and will look to exploit people’s fears, and this has undoubtedly been the case with the coronavirus outbreak.”
Additional cyber incidents handled by the NCSC include attacks from state-sponsored hackers, attempting to breach information about a potential vaccine being produced in the UK, and bogus emails claiming to be from health authorities providing important updates.
The report later talks about building resilience across all organisations. As we come in and out of lockdown, criminals will continue to exploit the pandemic. Businesses need to ensure they have resilient cyber security around this time. Keeping businesses safe requires
- Robust policies
- An overhaul of staff training
- Highly sophisticated email inbox defence security
Cyber Security can no longer be put on hold. It needs to take precedence when making big business decisions and should be fully sustainable. Adopting a ‘defence in depth’ strategy, as recommended by the NCSC, should be the first step to long-term safeguarding, and defending businesses against the most common attacks.
Remember, if you have any doubt when receiving something foreign, please do not open, forward, click or take action. Check with your IT provider that it is safe.
You can find the full NCSC Annual Review here.