More than 700,000 scams removed by the NCSC in the past year

"The National Cyber Security Centre (NCSC) has revealed that cyber security experts have taken down more than 700,000 scams during the past year

This is according to a new NCSC report, the fourth to be published this year, which also revealed that the online scams were part of a fifteen-fold increase over the previous three years combined. 

The scams included fake celebrity endorsements and “bogus” COVID vaccine advertisements and totalled more than 1.4mn URLs, the NCSC said.

Talking about the report and how the organisation is helping during the pandemic, Lindy Cameron, CEO of the NCSC, said: “As the cyber security community prepares to gather for CYBERUK, the ACD report offers a helpful insight into just some of the ways the NCSC has adapted to protect the UK during the pandemic."

She added: “Whether it has been protecting vital research into the vaccine or helping people work from home securely, the NCSC has worked with partners to protect the digital homeland during this unprecedented period.

The report was released ahead of the NCSC’s annual CYBERUK gathering, a two-day event starting tomorrow (12 May) which will be hosted online by cyber security experts who will focus on how the organisation has responded to the pandemic.  

“I look forward to hearing from thought-leaders at CYBERUK as we reflect on this period and look ahead to building a resilient and prosperous digital UK after the pandemic,” Cameron said.

The Active Cyber Defence (ACD) Programme

Explaining the Active Cyber Defence Programme, Dr. Ian Levy, Technical Director of the NCSC, said: “The ACD programme is truly a collaborative effort, and it’s thanks to our joint efforts with partners both at home and internationally that we’ve been able to significantly ramp up our efforts to protect the UK.

“This has never been more important than in the last year, where it was vital for us to do everything we could to protect our most critical services and the wider public during the pandemic."

He added that “the bold defensive approach taken by the ACD programme continues to ensure our national resilience” and encourages “public bodies, companies and the general public to sign up to the services available to help everyone stay safe online.”

The discovery of the scams was made thanks to the NCSC’s Takedown Service, which works to remove malicious sites and online infrastructure. 

One area of the ACD report last year included the protection of the NHS during the COVID-19 pandemic which focused on attacks looking to harvest NHS credentials with the intention to compromise critical systems, the NCSC said. 

The 2020 ACD report

Other ares and findings from the 2020 report included: 

• More than 11,000 UK-government-themed phishing campaigns were taken down – more than double the 2019 figure.
• The Suspicious Email Reporting Service was launched in April 2020, and received nearly 4 million reports by year-end, leading to the removal of over 26,000 scams not previously identified by the Takedown Service. 
• The most phished UK government brand was Her Majesty’s Revenue and Customs (HMRC).

Adam Philpott, EMEA President at McAfee, says that the increase in cyber attacks over the last year is not surprising. 

He said: “It’s no surprise that cyber attacks have dramatically increased over the past year, as cybercriminals adapted to exploit the pandemic and our thirst for information around Covid-19 related topics. What started as a trickle of phishing campaigns and the occasional malicious app quickly turned into thousands of malicious URLs. 

Looking towards the future, he added: “As we head into the next normal, we anticipate that the rise in threats will continue and businesses must ensure they have the correct measures in place to outrun the adversaries.”

“It is also important to remember that business leaders must consider cyber as an investment rather than a cost. Good investment will accelerate remediation and improve proactive readiness against threats they are yet to face. When done well, implementing the right security does far more than protect against losses - it becomes an incredible driver of growth, innovation and business resiliency,” he said. 

The news of the increase in online scams comes at the same time as the publication of a Global Threat Intelligence Report by the NTT, which showed that there has been up to a 300% increase in cyber attacks across the globe due to opportunistic targeting. 

It also revealed how hackers are targeting essential industries due to the shift to remote working as a way of taking advantage of the global destabilisation. 

Commenting on the information, Kazu Yozawa, CEO of NTT’s Security division, said: “Last year we predicted a surge in targeted, opportunistic attacks and unfortunately, this has proven all-too-true. 

“While these industries have done their best to maintain essential services throughout disruptive times, the fall in security standards when companies need them most is alarming.”

He concluded: “As services continue to move online and become increasingly digital to account for the new normal, organisations must be extra vigilant in upholding and maintaining best practices in their security.”