WIREDGOV

The NCSC's Active Cyber Defence report for 2019 has been published.  The NCSC's Technical Director, Ian Levy, has also blogged about the report and that can be read here.

A scam to defraud thousands of UK citizens using a fake email address spoofing a UK airport was one of a wide range of cyber attacks successfully prevented by the National Cyber Security Centre (NCSC), a report revealed last week

Details of the criminal campaign are just one case study of many in Active Cyber Defence – The Second Year, the latest comprehensive analysis of the NCSC’s world-leading programme to protect the UK from cyber attacks.  The incident occurred last August when criminals tried to send in excess of 200,000 emails purporting to be from a UK airport and using a non-existent gov.uk address in a bid to defraud people.

However, the emails never reached the intended recipients’ inboxes because the NCSC’s ACD system automatically detected the suspicious domain name and the recipient’s mail providers never delivered the spoof messages. The real email account used by the criminals to communicate with victims was also taken down.

A combination of ACD services has helped HMRC’s own efforts in massively reducing the criminal use of their brand. HMRC was the 16th most phished brand globally in 2016, but by the end of 2018 it was 146th in the world.

The ACD technology, which is free at the point of use, intends to protect the majority of the UK from the majority of the harm from the majority of the attacks the majority of the time.

Other key findings for 2018 from the second ACD report include:

• In 2018 the NCSC took down 22,133 phishing campaigns hosted in UK delegated IP space, totalling 142,203 individual attacks;
• 14,124 UK government-related phishing sites were removed;
• Thanks to ACD the number of phishing campaigns against HMRC continues to fall dramatically – with campaigns spoofing HMRC falling from 2,466 in 2017 to 1,332 in 2018. These figures relate to 16,064 spoof sites in 2017 and 6,752 sites in 2018;
• The total number of takedowns of fraudulent websites was 192,256, and across 2018, with 64% of them down in 24 hours;