Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Cyber Attacks
  • Thoughts from the NCSC 2020 Annual Review
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Thoughts from the NCSC 2020 Annual Review

5 years ago Dean Ferrando
Thoughts from the NCSC 2020 Annual Review

The National Cyber Security Centre (NCSC) released its annual review of 2020.  If you are unfamiliar with the NCSC, part of their mission is that they are “dedicated to making the United Kingdom the safest place in the world to live and work online.”   This is a lofty goal, and since the first report, issued in 2016, the NCSC remains steadfast in its vision.

This year’s report, which spans the period from September 2019 through August 2020, contains many interesting insights.  Here is a summary of some of the more salient points:

A new CEO at NCSC

An interesting development, although unrelated to cybersecurity, is the appointment of a new CEO at NCSC.  This is a positive change, as having someone new at the helm of a security organisation opens up the potential for a different perspective from their predecessors. This can be seen in the way a leader responds to the tactics of attackers.

Cyber attackers prefer to exploit areas that are either easy targets, or that they understand well through their criminal research. For example, a cyber gang could research the operational processes of security organisations, observing the organisation’s response patterns. In doing this, they are able to create workarounds to avoid detection when they conduct a real attack against a potential target. Having someone new come into an organisation provides the ability for the new CEO to take a fresh look at the current measures and add or remove any systems that are either not being used effectively or are old and outdated. A shift in those systems would disrupt all the research that the cyber criminals have been collecting, potentially pushing any attack plan back to the beginning.

COVID-19 takes center stage

Of course, similar to all other reports of 2020, Coronavirus must be addressed.  How could an infectious disease have an impact on cybersecurity?  The NCSC states that there have been more threats than ever due to Coronavirus. Cyber gangs are always looking for new areas to exploit, and with the pandemic forcing major changes within organisations and the way their employees work, i.e., from home.  This has created more potential gaps in the security landscape. The emergent inclusion of more BYOD opportunities, as well as potentially weak network security (as compared to corporate restrictions), has opened up new areas to attack.

Diversity: helping you stay secure

Optimistically, the NCSC report states that there has been a major increase in the inclusion of young people within cybersecurity, and in particular, an increase of 60% in female participation. This is a very promising sign. One of the biggest factors when it comes to security organisations’ ability to protect themselves against a lot of different types of attacks depends on being able to leverage the diversity within the teams themselves.

NCSC helping support victims

An often overlooked aspect of cybersecurity is victim support.  Most, if not all effort and funds are spent focusing on areas to protect the organisations or their people from being attacked. What effort is spent on the entities that do fall victim to the attacks?  Organisations would most probably have some form of insurance against intellectual property theft or financial loss impact, but individuals would most certainly not have any recourse should they become the victim. (Merely offering free credit monitoring does little to make a victim “whole”.) The NCSC report highlights that they have provided support to over 1200 victims of a cyberattack, which, although encouraging, lacks specific details about what that support entailed.

Stopping advanced threats

The NCSC has highlighted that they were able to stop or thwart attacks that are usually very hard to detect, such as custom malware. Custom Malware is malicious code that has been altered to infiltrate a specific person or organisation by means of exploiting their individual and uncommon security flaws. These types of attacks are usually performed to either harm the reputation of a specific organisation or to steal the intellectual property of the organization.  This could have a huge financial impact, if the target is a pharmaceutical research company working on the coronavirus pandemic, for example.

Other areas where custom attacks would provide financial benefit to cyber gangs are industries that don’t necessarily affect an entire consumer base, but more focused on individual errors or financial transactions.  To clarify, organized sports have been targeted, potentially disrupting a large transaction between two clubs. Imagine the financial gains for any cyber gang should they be able to get a hold of any of the large transfer deals that have happened over the years. This type of attack would require a focus on a specific user or team, but would be massively detrimental to the sports industry. NCSC have stated that they were able to assist in stopping such attacks in the past.  With all the names given to attacks, such as Phishing, Spear Phishing, and Watering Hole, could an attack against a sports club be somewhat humorously named a “Goal Post attack”?

Phishing for scams

The topic of phishing is not overlooked in the annual review. A lot of the feedback and reporting provided within the NCSC report points back to one of the most common basic attack vectors utilised by cyber criminals, phishing. As phishing is still one of the most successful attack vectors, why would cyber criminals reinvent the wheel? Cyber gangs do however make alternate versions of the attack type, such as using celebrity names to falsely endorse certain scams. NCSC has reported the rise in these attempts, but has also reported to being able to shut most of them down within 24 hours in some cases. However, education is still one of the biggest tools in any organisation’s arsenal to combat phishing attacks.

Creating new frameworks and legislations

In a bold move, the NCSC worked alongside the Department of Culture, Media & Sport (DCMS) in the development of legislation to create a new security framework (EN 303 645), requiring manufacturers of connected consumer devices to create a uniform security standard for all internet-connected consumer devices, such as closed-circuit television (CCTV) cameras, and other home automation systems. A lot of unsuspecting consumers rely on the fact that as they are purchasing devices from well-known companies, and that those companies are doing their due diligence in terms of providing out of the box security measures on their devices. However, this is definitely not the case. The new legislation introduces specific measures to promote better default security for these devices

Thanking you. The cybersecurity community.

The NCSC acknowledges, and gives credit to the strong cyber community as well.  The success of the NCSC occurred with the assistance of multiple cybersecurity teams, all working in conjunction with one goal in mind, to stop the attacks. The teams were not only a combination of different teams within the NCSC itself but also with the assistance of allied nation-states and security communities found around the world. Having multiple teams available to test security best practices and particular applications such as the Nation Health Services’ (NHS) track and tracing apps, provided invaluable assistance in hardening and securing the application prior to being released to the public.

The information in this year’s NCSC report is well-worth reading.  At first glance, the report seems daunting, a full 128-page document.  However, its format is brisk, and the information is highly relevant to all cybersecurity disciplines.  I am hopeful that this summary has whet your appetite to read the entire report, enhancing your knowledge, and your ability to protect your organisation against the threats that continue to evolve.

The post ” Thoughts from the NCSC 2020 Annual Review” appeared first on TripWire

Source:TripWire – Dean Ferrando

Tags: Coronavirus, COVID-19, Exploit, Goverment, Phishing, Privacy, TripWire

Continue Reading

Previous Key OT Cybersecurity Challenges: Availability, Integrity and Confidentiality
Next Payment Card Skimmer Group Using Raccoon Info-Stealer to Siphon Off Data

More Stories

  • Cyber Attacks
  • Data Breach

AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack

9 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

14 hours ago [email protected] (The Hacker News)
  • Data Breach

The Buyer’s Guide to AI Usage Control

15 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends

16 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

20 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

22 hours ago [email protected] (The Hacker News)

Recent Posts

  • AISURU/Kimwolf Botnet Launches Record-Setting 31.4 Tbps DDoS Attack
  • ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories
  • The Buyer’s Guide to AI Usage Control
  • Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
  • Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT