The United Kingdom suffered 188 high-level attacks that “threatened national security” over the span of three months.
Ciaran Martin, head of Britain’s National Cyber Security Centre (NCSC), told Sunday Times that more than 60 attacks struck the country every month since late 2016. Some of those attacks targeted local councils, charities, universities, and other “soft targets.”
This trend is consistent with what Philip Hammond observed. The Chancellor revealed to the Sunday Telegraph that the NCSC blocked 34,550 “potential attacks” against councils and private individuals in the past six months alone. That figure amounts to about 200 attacks a day.
Most of the other attacks fell under an ongoing spike in Russia’s aggression against Western countries. As Martin said to Sunday Times:
“Over the last two years there has been a step change in Russian aggression in cyberspace. Part of that step change has been a series of attacks on political institutions, political parties, parliamentary organisations and that’s all very well evidenced by our international partners and widely accepted.”
British government departments said they too have suffered state-sponsored attacks, many of which likely originated from Russia and China. In Martin’s words, these attacks mainly sought to infiltrate “the system to extract information on UK government policy on anything from energy to diplomacy to information on a particular sector.”
Currently, the National Cyber Security Centre is investigating all reports of Chinese and Russian state-sponsored attacks against foreign policy and defense servers.
While the NCSC’s investigation remains ongoing, UK organizations should work to protect themselves against attackers of all kinds. An essential part of this effort should involve educating their employees to be on the lookout for phishing attacks s via the use of third-party security awareness training software.
Does this strategy sound of interest to you?