
Videos

Cyberuk2019 highlights

Cyber Accelerator demo day

Cyber Growth animation

TIGHS CyberFirst Adventures

CYBERUK2019 FiveEyes Highlights

CyberFirst Girls Competition 2019

CYBERUK2019 Schools Event

Can you guess the most hacked passwords? Select a category:





Drag the passwords to where they ranked

123456
111111
qwerty
123456789
123456789

Source: The list was created in April 2019 after breached usernames and passwords were published on the Have I Been Pwned website.

Crack the code using an ADFGVX cipher

How it works

In cryptography, the ADFGVX cipher was a field cipher originally used by the German Army during World War I. The cipher is named after the six possible letters used in the ciphertext: A, D, F, G, V and X. These letters were chosen deliberately because they sound very different from each other when transmitted via Morse code. The intention was to reduce the possibility of operator error.



If you want some help to crack the code, please use this online decoder. However, if you'd like to work it out yourself please contact enquiries@ncsc.gov.uk for the factsheet.

Find the hidden message in the annual review


Re-order using a transposition key:

Hint: It's an acronym...

C C N S
X G A A
A A A D
V D A D
A A G F
D A G F
V D A G
A V G F
D A D G
G X A D
A F D D
A V D A
G X A D
D V G A
F D D F
G A A G
G A A V
F D D G
A G G A
D A F D
A V G D
V G A A
V D D A
G G A D
V X A A

N C S C
A X A G
A A D A
A V D D
G A F A
G D D A
A V G D
G A F V
D D G A
A G D X
D A D F
D A A V
A G D X
G D A V
D F F D
A G G A
A G V A
D F G D
G A A G
F D D A
G A D V
A V A G
D V A D
A G D G
A V A X

Decode using a substitution key:

Hint: It's something that we do.

A D F G V X
A C Y B E R S
D U I T A D F
F G H J K L M
G N O P Q V W
V X Z 1 2 3 4
X 5 6 7 8 9 0
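
The two steps above (re-order the columns with the transposition key, then look up each letter pair in the square), as an added Python example that is not part of the original page. It uses the square as printed here and the page's row-wise layout rather than the historical column-by-column read-off; the function names and the `.` marker for an empty cell are assumptions, the key `NCSC` is the header of the page's re-ordered table, and the round-trip plaintext is constructed.

```python
"""ADFGVX in the row-wise layout used on this page (added example)."""

LABELS = "ADFGVX"
# Substitution square as printed on the page: row label first, then column.
SQUARE = ["CYBERS", "UITADF", "GHJKLM", "NOPQVW", "XZ1234", "567890"]
PAD = "."  # assumption: marks an empty cell in a short final row

# Character -> two-letter pair, and the reverse lookup used for decoding.
ENC = {ch: LABELS[r] + LABELS[c]
       for r, row in enumerate(SQUARE) for c, ch in enumerate(row)}
DEC = {pair: ch for ch, pair in ENC.items()}


def sorted_order(key):
    """Key positions in alphabetical order; repeated letters keep their order."""
    return sorted(range(len(key)), key=lambda i: (key[i], i))


def fractionate(plaintext):
    """Substitution step: replace each character by its row/column pair."""
    symbols = []
    for ch in plaintext.upper():
        if ch.isspace():
            continue
        if ch not in ENC:
            raise ValueError(f"{ch!r} is not in the square")
        symbols.append(ENC[ch])
    return "".join(symbols)


def defractionate(symbols):
    """Inverse substitution: read the letters two at a time through the square."""
    if len(symbols) % 2:
        raise ValueError("odd number of ciphertext letters")
    pairs = [symbols[i:i + 2] for i in range(0, len(symbols), 2)]
    bad = [p for p in pairs if p not in DEC]
    if bad:
        raise ValueError(f"not ADFGVX pairs: {bad}")
    return "".join(DEC[p] for p in pairs)


def to_sorted_rows(symbols, key):
    """Write the letters in rows under the key, then sort the columns by key."""
    order = sorted_order(key)
    rows = []
    for start in range(0, len(symbols), len(key)):
        row = symbols[start:start + len(key)].ljust(len(key), PAD)
        rows.append("".join(row[i] for i in order))
    return rows


def from_sorted_rows(rows, key):
    """Undo the column sort: put each column back under its key letter."""
    order = sorted_order(key)
    out = []
    for row in rows:
        cells = row.replace(" ", "")
        if len(cells) != len(key):
            raise ValueError(f"row {row!r} does not have {len(key)} cells")
        original = [PAD] * len(key)
        for sorted_pos, key_pos in enumerate(order):
            original[key_pos] = cells[sorted_pos]
        out.append("".join(original))
    return "".join(out).rstrip(PAD)


def encode(plaintext, key):
    return to_sorted_rows(fractionate(plaintext), key)


def decode(rows, key):
    return defractionate(from_sorted_rows(rows, key))


if __name__ == "__main__":
    # First two rows of the page's table headed "C C N S".
    page_rows = ["X G A A", "A A A D"]
    print(decode(page_rows, "NCSC"))
    # Constructed plaintext; 18 letters leave a short final row under a 4-letter key.
    rows = encode("PATCH 2019", "NCSC")
    print(rows, decode(rows, "NCSC"))
```

Because the key repeats the letter C, the sort has to be stable; otherwise the two C columns can swap and every affected pair decodes to the wrong character.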


Case study:

Cyber Accelerator: Nettoken

Simonetta d’Ottaviano is CEO of Nettoken, an identity management platform designed to encourage awareness of an individual’s expanding digital footprint, helping improve their personal security. The platform keeps track of all of a subscriber’s online accounts, making everything accessible from a single control panel.

“The average internet user is signed up to around 150 active accounts, putting them at high risk of cybercrime,” says Simonetta, who co-founded the firm with Charlotte Slingsby and Ela Neagu while completing her master’s in engineering.

“We realised that most cyber security products are designed for businesses and we wanted to look at it from an individual’s point of view.”

They designed a management platform for a user’s digital identity; a way of organising multiple online accounts, which also acts as a single password manager.

“Nettoken provides an overview of all the services that you may have signed up for, whether it was to book a flight or create a new WIFI access. It acts as a manager which puts them into groups, your shopping accounts in one, utilities and financial accounts in another.”

She explains: “We wanted to create a usable tool that has cyber security embedded, without the user having to worry too much about it.”

The service is already proving popular and the company is aiming to soon reach 5,000 paying customers.

Simonetta believes Nettoken has benefited greatly from being included in the NCSC Cyber Accelerator programme.

“Taking part in the programme was very important to challenge us and build our credibility. The team was very encouraging, and to have access to their technical expertise was invaluable. It’s been a brilliant experience for us to be mentored and assisted by the NCSC.”

Case study:

Cyber Accelerator: LuJam

Five years ago, Tim Moran set up LuJam Cyber to combat a major challenge in cyber security, encouraging SMEs to understand that whatever their size, they are not immune to attacks.

Last year, 31% of all SMEs suffered from hostile incidents and, as Tim states, “The worst thing is that the majority of these attacks were preventable. Many of these companies are relying on a firewall and antivirus alone, often because other forms of protection are too expensive.”

Tim recognised that SMEs require similar levels of security to larger enterprises but delivered in a way that is easy for a business owner to use and understand, without needing to be an IT specialist. After attracting investors to match a £250,000 grant won from Innovate UK – as well as selling his house to raise more capital along the way – Bristol-based LuJam launched a subscription service offering customers full protection against the latest cyber threats for all of their devices.

“Following extensive trials, we were ready to provide companies with cyber security software at a competitive price. Our goal is to help Managed Service Providers (MSPs) take their customers on a steady journey to improved cyber hygiene.

“Our service is powered by cloud analytics and network scanning that discovers IT assets, assesses risks, blocks bad connections and provides continuous monitoring.”

LuJam spent nine months working with the NCSC, an experience Tim views as incredibly rewarding. After five years of development, the future looks bright for the company, which is now in trials with several major partners and investors.

Tim says: “Our solution is applicable anywhere in the world and we are already involved in a number of initiatives in Commonwealth countries. We’ve also started to explore much larger opportunities in cyber insurance, enterprise supply chains and enterprise homeworkers.”

2019 Annual Review - Making the UK the safest place to live and work online

Welcome

Since the National Cyber Security Centre (NCSC) was created in 2016 as part of the government’s five-year National Cyber Security Strategy, it has worked to make the UK the safest place to live and work online. This review of its third year provides a snapshot of the organisation’s work over the period 1 September 2018 to 31 August 2019.

Read the full Annual Review

Ministerial foreword

Rt Hon Oliver Dowden MP, Minister for the Cabinet Office


The United Kingdom has one of the most digitally-developed economies in the world, transforming the lives of citizens, driving innovation, and fuelling job opportunities and national growth. We can be proud that in the National Cyber Security Centre (NCSC) we have a world-leading body for digital protection which, since its launch in 2016, has made the UK safer and its defences stronger. Ensuring the UK remains the most secure place to live and do business online, and upholding public trust in our digital systems, are personal priorities for me and a key part of this government’s vision for the UK. As the Cabinet Office Minister responsible for resilience and the National Cyber Security Strategy, I very much welcome the achievements and progress laid out in this review.

Continued in the full Annual Review

Year three timeline

This covers the period 1 September 2018 to 31 August 2019


2018
2019

12 Sept

NCSC CEO delivers speech at the Confederation of British Industry’s Cyber Conference to help business leaders understand and manage cyber security risks

03 Oct

UK, Dutch and other allies expose GRU (Russian military intelligence) cyber attacks targeting political institutions, businesses, media and sport

14 Oct

Secure by Design ‘Code of Practice for Consumer Internet of Things Security’ published with the Department for Digital, Culture, Media and Sport

22 Nov

NCSC CEO meets with the First Minister of Scotland, Members of the Scottish Parliament and the Chief Constable of Police Scotland in Edinburgh to discuss ways to boost cyber security in Scotland

23 Nov

Advice to shop safely online on Black Friday and Cyber Monday published in partnership with retailers

29 Nov

UK’s ‘Equities Process’ published on how vulnerabilities are identified and handled

20 Dec

UK and allies expose APT10 cyber attacks on intellectual property and sensitive commercial data in Europe, Asia and the US

7 Jan

Guidance on cyber security for major events published

29 Jan

Academic Centres of Excellence in Cyber Security Research visit NCSC headquarters to take part in strategic discussions

13 Feb

NCSC Directors meet with Ministers at the National Assembly for Wales in Cardiff to discuss how to boost Welsh cyber defences

12 Mar

New NCSC web platform launched including bespoke guidance for six new audience categories

21 Mar

NCSC Board Toolkit launched to encourage essential cyber security discussions between the Board and their technical experts

24-25 Mar

Royal Masonic School for Girls crowned winners of NCSC’s CyberFirst Girls Competition at the final which took place in Edinburgh

28 Mar

Fifth annual report from the Huawei Cyber Security Evaluation Centre Oversight Board published

24-25 Apr

CYBERUK 2019 hosted in Glasgow

25 Apr

Exercise in a Box online tool launched to help organisations test and practice their response to a cyber attack

23 May

NATO Cyber Defence Pledge Conference held at NCSC headquarters

11 Jun

Guidance for small businesses to respond and recover from a cyber incident published

13 Jun

‘Top Tips for Staff’ e-learning package launched

18 Jun

150 women from across the UK’s intelligence, government and security communities attended the ‘Women in Security Network’ event held at NCSC headquarters

25 Jun

De Montfort and Northumbria Universities recognised as Academic Centres of Excellence in Cyber Security Research

10 Jul

Seven companies graduate from the NCSC Cyber Accelerator for innovative start-ups

16 Jul

‘Active Cyber Defence – the second year’ report published

Jul / Aug

22 CyberFirst summer courses for children and young adults held throughout the country to develop the UK’s next generation of cyber professionals

Aug

Appointment of IASME Consortium Ltd as new Cyber Essentials partner

Year three highlight statistics

Handled 658 incidents

Awarded 14,234 Cyber Essentials certificates

Delegations from 56 countries visited the NCSC

Took down 177,335 phishing URLs, 62.4% of which were removed within 24 hours

Enabled 2,886 small businesses across the UK to do simulated cyber exercising for themselves

Hosted 197 events, with more than 9,000 attendees

1

Cyber security for individuals and families

The government’s vision is for the UK to be prosperous and confident in the digital world whilst remaining secure and resilient to cyber threats.

Central to the NCSC’s mission is ensuring people of all ages across the UK are more secure when using internet-connected devices and online services.


The NCSC takes a holistic approach to deliver cyber security for individuals and families through the following interventions:

Reducing the burden: The general public is protected from the majority of online harm ever reaching them. The action they need to take to secure their devices and online services is minimal.

Making it easier: Citizens can act upon the cyber security advice they receive, whatever device or online service they use.

Equipping the nation: People are given the confidence and tools to protect themselves and those around them.

Raising awareness: Enabling the general public to better protect themselves and share knowledge with others.

The NCSC’s advice for individuals and families

Protect your accounts…

  • Use a unique and separate password for your email.
  • Use three random words to create a strong and memorable password.
  • Store your passwords somewhere safe: save to your browser or use a password manager.
  • Add extra security to important online accounts: turn on two-factor authentication.

Look after your devices…

  • Set your phone and tablet to automatically update.
  • Install the latest updates on your phone and tablet when prompted.
  • Turn on back up for data stored on your phone and tablet.
Learn more about how you can stay safe online

Reducing the burden: secure by design

Many consumer products that are connected to the internet are found to lack basic security features, putting consumers’ privacy and security at risk. The NCSC has been working closely with the Department for Digital, Culture, Media and Sport (DCMS) to support consumer ‘Internet of Things’ (IoT) manufacturers of all sizes to ensure their devices have good cyber security practices built in from the design stage.

The NCSC and DCMS do not think it is right to expect all consumers to be ‘cyber security experts’ and wish to remove the burden from them having to differentiate products that do or do not take their responsibility to security seriously. That’s why the NCSC has also worked closely with DCMS’ consultation on regulation, preparing to eradicate worst practice and embed transparency between the manufacturer and the consumer at the point of purchase.

Read more in the Annual Review

“The progress we have made on ‘Secure by Design’ has been the product of a great partnership between DCMS and the NCSC. Both on the development of standards that are based in the language of our Code of Practice, or through productive challenge sessions on our future regulation proposals, we work together as a united front towards our ambition of protecting citizens and the wider economy from harm.”

Peter Stephens, Head of Secure by Design, Department for Digital, Culture, Media and Sport

Quietly fixing the technology

A significant priority for the NCSC is keeping individuals and families safe from cyber threats. It does this by bringing its technical and operational expertise to bear, to identify and fix cyber security problems.

Haulster - Automated defence of credit cards

The NCSC’s pioneering Haulster operation has disrupted financial cyber crime by flagging fraudulent intention against more than one million stolen credit cards. It is in the process of scaling this operation, and hopes to reduce considerably more attacks in the near future.

Increasingly, criminal groups are using criminal marketplaces in cyberspace to buy and sell personal information and credit card details. Haulster takes stolen credit cards collected by the NCSC and partners, then, working with UK Finance, repatriates them to banks, often before they are ever used for crime. Card providers are then able to block cards to protect both financial institutions and the public.

In most cases, this has been done before a crime has taken place, meaning hundreds of thousands of victims of high-end cyber crime were protected before they lost a penny.

For further examples, read more in the Annual Review

Ever wondered which passwords get hacked most frequently? Play our passwords game to find out!

See if you can guess the UK’s most hacked passwords

UK Cyber Survey 2019

The first UK Cyber Survey was conducted this year to better understand what the general public and organisations think, feel and do – and don’t do – about cyber security across the country.

The polling was independently carried out on behalf of the NCSC and DCMS.

The UK Cyber Survey found that people are concerned, confused and, to some extent, fatalistic that they will become victims of cyber crime.

The insights are informing the government’s approach, and the guidance offered by the NCSC, to help organisations and the public protect themselves against cyber threats.

Two in three say they know a great deal/fair amount about how to protect themselves online

70% believe they will likely be a victim of at least one specific type of cyber crime over the next two years, and most feel there would be a big personal impact.

37% agree that losing money or personal details over the internet is unavoidable these days

80% say cyber security is a high priority to them, half citing it a ‘very’ high priority

One in three rely to some extent on friends and family for help on cyber security

Note

The UK Cyber Survey 2019 was commissioned by the National Cyber Security Centre and Department for Digital, Culture, Media and Sport as part of the UK government’s National Cyber Security Programme.
Ipsos MORI surveyed 2,700+ respondents: general public aged 16+, businesses, charities and public sector representatives from November 2018 to January 2019 via telephone.

2

Targeting the biggest risks: what we do to protect people

The UK continues to be one of the most digitally advanced countries in the world, with our lives being online more than ever before. As this digitisation continues, it is vital that the UK remains able to protect its organisations, business and citizens against cyber crime.

The NCSC’s breadth of work, programmes and projects, together with its close partnerships with industry and government, mean that it is able to help protect the institutions, infrastructure and services that people so heavily rely on day to day.


Active Cyber Defence

A cooperative approach: the UK’s Active Cyber Defence programme

The ultimate goal for Active Cyber Defence (ACD) is for there to be fewer cyber attacks in the world, causing less harm. It represents a significant step-change in the country’s approach to cyber security, because of its voluntary, non-regulatory, non-statutory approach delivered in partnership with central government, local government and business.

Active Cyber Defence includes some of the following pioneering programmes:

Web Check helps make websites a less attractive target, by finding obvious security issues and pointing them out to the website’s owner so that they can be fixed.

Protective DNS (PDNS) prevents public sector organisations from accessing known malicious domains and stops malware on already compromised networks from calling home.

Takedown Service finds malicious sites and sends notifications to the host or owner to get them removed from the internet.

Mail Check helps public sector organisations take control of their emails, making phishing attacks which spoof those organisations more difficult.

Read more in the Annual Review

UK share of visible global phishing attacks reduced to 2.1% (August 2019).

In 2016, HMRC was the 16th most phished brand globally. In Sept 2019, as a result of ACD services and HMRC countermeasures, their ranking had dropped to 126th in the world.

Case studies

Protecting Schools

Active Cyber Defence tools highlighted a local authority (LA) primary school network behaving as though infected with Ramnit – a worm which affects Windows systems. The LA was notified, and an investigation found that the antivirus that was installed on the school’s systems was not working. As a result, the school had a wide level of infection. Not only did the Active Cyber Defence tool block the malicious connections, containing any harm, it also identified the malware and notified the LA. The LA was able to install a working antivirus and the infection was cleaned up within a day.

Protecting the Legal sector

For the first time, the NCSC used ACD tools to tackle advance fee fraud impersonating the UK legal sector. Both bogus law firms, and impersonation of legitimate law firms, are techniques used by fraudsters in an attempt to increase the credibility of their attacks. Increasingly, scammers use real law firms and other entities to try to make their attacks look more legitimate.

Protecting Airports

The NCSC has been tackling the abuse of public sector email domains in the UK. One such incident occurred when criminals tried to send in excess of 200,000 emails purporting to be from a UK airport, using a non-existent gov.uk address in a bid to defraud people. However, the emails never reached the intended recipients’ inboxes because the Active Cyber Defence system automatically detected the suspicious domain name and the recipients’ mail providers never delivered the spoof messages. The email account used by the criminals to communicate with victims was also taken down.

Protecting Emergency Services

Two fire services merged to form a new super service with a new name and associated internet domain. One of the organisations subsequently deregistered its original domain. However, in just three months, Synthetic DMARC blocked more than 150,000 emails from this now non-existent domain. There is no way of knowing whether these were the result of fraudulent purposes or misconfiguration, but it shows the necessity of correctly curating domains throughout their lifecycle.

Raising cyber resilience across government and the public sector

The NCSC works closely with public sector bodies to protect the networks, data and services which the UK depends upon.

Working with central government

The NCSC provides assurance on key systems across central government departments and agencies, assisting them to develop their security strategies and secure their networks.

Building on the success of the Transforming Government Security Programme, the NCSC is working with the Cabinet Office’s Government Security Group, providing advice and guidance to shape policy development on cyber security.

Working with local government

The NCSC assists local government both through direct engagement at a local level, supporting its networks of technical staff, and working with representatives from member organisations including the Local Government Association (LGA) and the Society of Local Authority Chief Executives (SOLACE).

Defending democracy

The foundations of liberal democracy are under increasing threat from cyber attacks and the NCSC plays a key role in defending the UK’s political process.

The NCSC meets with UK political parties (which take up at least two seats in the House of Commons) every three months and regularly gives cyber security advice to parliamentarians. During the local elections (March 2019) and European elections (May 2019), the NCSC provided guidance, informed by comprehensive cyber threat assessment, on risks and advice on protecting systems and people to political parties.

The NCSC monitors known adversaries who look to target parties or even politicians. If threats are detected, the NCSC shares the details of the threat and tailored advice, allowing the individual or organisation to put mitigations in place.

“Digital technology continues to change the way that elections are run and fought; it also changes the way that voters are informed and influenced. Since its creation, the NCSC has provided valued support to the Commission and wider electoral sector, to mitigate the risks posed by these innovations. We welcome their important role in supporting the ongoing integrity of elections in the UK.”

Bob Posner, Chief Executive, The Electoral Commission

Serving every part of the UK

The NCSC continues to work across the whole of the UK. This includes support to devolved administrations in Wales, Scotland and Northern Ireland, raising cyber resilience across all sectors.

“Our engagement with the NCSC has helped us to establish our executive agency, Social Security Scotland, followed by the launch of our public facing cloud based digital platform, which underpins the delivery of the first live devolved benefit payments in Scotland. The NCSC has provided us with expert advice and guidance through technical workshops and engaging its partners to share experiences. This has given us valuable assurance in support of our strategic security objectives and our own ‘Secure by Design’ principle.”

John Campbell, Head of Digital Risk & Security, Social Security Directorate, Scottish Government

“We have made significant investments in improving our cyber defences and cyber hygiene. The NCSC has proven to be an expert advisor in defining and refining our requirements, most especially in our plans to implement a Security Information and Events Management Service and associated Security Operating Centre. Their experience of forensics, analytics, alerts and appropriate approaches to monitoring has been invaluable.”

Chief Strategy Officer, Northern Ireland Civil Service

“The NCSC continues to provide valuable advice and guidance for us to share with Welsh stakeholders which greatly contributes to increasing cyber security capability within Wales. We value the engagement and ongoing support in several areas, including increasing take up of Active Cyber Defence tools in the Welsh public sector and encouraging participation of Welsh students on CyberFirst courses.”

Representative, Welsh government

Critical National Infrastructure

Everyone in the country relies on the UK’s Critical National Infrastructure (CNI) day in, day out. We all need the country’s communications networks to keep in touch with friends and family, transport networks to travel to work and school, and energy networks to power and heat our homes. Interruption to any of these critical services could cause serious disruption to our lives and potentially damage the economy.

Strengthening the cyber resilience of the UK’s most critical systems therefore remains a top priority. The NCSC’s work spans CNI in the public sector, as well as a focus on nine critical private sectors: communications, transport, energy, civil nuclear, finance, water, chemicals, space and food. It provides direct support to hundreds of public and private sector organisations that own, manage and maintain CNI assets in the UK. This includes one-to-one technical advice, sharing threat information, facilitating cyber exercises and running information exchanges for organisations to share knowledge and expertise.

Thwarting ATM attacks

On multiple occasions, the NCSC has alerted UK financial institutions to imminent threats from ATM cash-out fraud at home and abroad. This is where cyber criminals compromise banking and payment infrastructure, and obtain card details that can be used to withdraw large sums of cash from ATMs. Once in progress, these attacks can be difficult to stop.

The NCSC works with industry and government partners around the world to share information and disseminate alerts about threats and anticipated malicious activity.

As a result, banks swiftly put defensive measures in place that protect them against financial loss and reputational damage. Most recently, the NCSC alerted 56 banks to a specific ATM cash-out threat after receiving actionable information. As a result, the banks were able to block any attempt by the attackers to fraudulently withdraw money from customer accounts.

Keeping the lights on

A successful cyber attack against the energy sector could disrupt the fuel and power supplies our country so heavily relies on. That’s why the NCSC’s work with energy firms has been diverse and extensive.

This year the NCSC worked with one of the UK’s largest oil refineries to review and advise on an upgrade to its systems, greatly increasing its resilience. The NCSC’s Cyber Adversary Simulation team also conducted an exercise against a critical supplier of road fuels, which identified vulnerabilities that the company has since protected itself against.

In partnership with the Department for Business, Energy and Industrial Strategy (BEIS), the NCSC held a complex technical exercise with electricity distribution network operators. It was the culmination of a two-year project and involved more than 170 participants at 13 different UK locations to test the sector’s response to a national-level incident.

Digital integration is only adding to the security challenge. The NCSC’s recent review of smart metering infrastructure for BEIS, and the recommendations it produced, is one illustration of how the NCSC works with government departments to ensure the highest cyber security standards across the sector.

Threats to air passenger data

The aviation sector has continued to be an attractive target for cyber attackers. Airlines store vast amounts of personally identifiable information (PII), which criminals can sell or use for spear phishing and identity theft. State actors may also be interested in airline PII for counter-intelligence purposes or tracking dissidents.

The NCSC’s work with the sector has included assisting UK airlines targeted by a group known as Chafer. This group, which security companies have linked to Iran, has a history of targeting global organisations for bulk personal data sets. The NCSC helped the airlines identify potential risks to their networks and offered mitigation advice, minimising the impact.

It has also continued working with NATS, the main air navigation service provider in the UK, to review the cyber security of their air traffic control and management system.

National Security

The NCSC collaborates closely with government and industry partners to develop secure systems for national security at home, and with the UK’s allies across the world. By doing this, the NCSC can help to ensure that critical operations continue globally.

The NCSC aims to develop, operate and maintain world class technical security capabilities to counter the threat from the country’s most capable adversaries, raising the cyber resilience across government and industry partners.

It’s through these partnerships, as well as its investment in developing the country’s cyber skills, that the NCSC can continue to help protect the UK from cyber threats.

Securing Britain’s secrets

Foxhound/ROSA

The NCSC has supported ROSA – a central government IT system – as it transitions to become a fully supported service across government. ROSA provides fixed and mobile SECRET collaborative tools and communications in 152 countries across the globe, allowing users to create and share data securely.

The NCSC itself uses ROSA to collaborate more effectively and securely with government customers and industry partners.

This year, NCSC experts designed new systems that enable easy mobile working at SECRET in a safe way. This ground-breaking work is protecting our national security whilst enabling users to work in far better ways than any previous solutions have allowed in this space.

ROSA is expanding across a number of government departments, delivering tangible benefits and ensuring government communications are appropriately protected.

See the other ways the NCSC is supporting defence, security and resilience
3

Countering the adversary

The NCSC’s Operations directorate leads the government response to counter and disrupt the UK’s adversaries, capabilities and operations. While much of the team’s work is secret by necessity, it is now publicising its strategy to keep the UK safe from malicious actions of other nations and serious organised criminals.


The top five sectors supported by NCSC Incident Management

In the last year the NCSC has led on 658 incidents, providing support to almost 900 victim organisations.

The NCSC has handled almost 1800 incidents since commencing operations.

Calling out Hostile State Actors

The NCSC works collaboratively with a strong network of partners in the UK and internationally. Through this work with partners, the NCSC knows more about its main nation state threats, including Russia, China, Iran and North Korea, than it ever has before.

Working with the Foreign and Commonwealth Office (FCO) on the public attribution of states has been an overt action that shows other nation states that there will be consequences for their actions.

Underpinning a public attribution by government of this kind requires months of investigative work and sharing of information with partners, to build the investigative picture and a coalition of partners who will move in lockstep with UK government.

Launching the NCSC’s Cyber Defence Ecosystem

The NCSC’s ambition is to deliver an ecosystem that transforms cyber threat knowledge sharing, brings disparate initiatives together by giving them a clear purpose (to reduce harm), and enhances them in a coherent and coordinated way. Ultimately the Cyber Defence Ecosystem (CDE) ensures the right knowledge gets to the right people at the right time, in the right format.

The CDE aims to foster a national (and hopefully international) ecosystem of collaborative threat analysis and automated threat sharing using open industry standards. The initiative complements the ACD programme, which since 2016 has shown how simple measures can greatly reduce commodity cyber attacks.

The IOC Machine

The NCSC is committed to sharing as much of its knowledge in real time as possible. This has manifested itself in the creation of the Indicator of Compromise (IOC) Machine, which has transformed the way top sensitive material is ‘declassified’ into the public domain – greatly increasing the UK’s resilience to cyber threats.

Since it went live this year, the technology has enabled a tenfold increase of vital indicators the NCSC shares with external internet service providers and industry partners. This now means that in an average month more than 1,000 vital indicators are being shared at the click of a button.

Making the most of the NCSC’s London headquarters

Situated in the heart of Victoria, London, the NCSC’s ‘Nova South’ headquarters offer a dynamic environment to deliver the organisation’s mission. It fosters a culture of innovation and ways of working fit to address 21st century security challenges.

Its central location, within walking distance of Whitehall, ensures the NCSC’s expertise on key matters of national security can be called upon at short notice.

The facilities offer an open and flexible workspace, complemented by the full range of security capabilities enabling seamless working across classifications.

The NCSC has welcomed a huge variety of guests, including prime ministers, ministers, senior officials and parliamentarians from across the world, through to industry leaders and the next generation of cyber talent with schools visits.

In the past year, the NCSC has hosted 197 events, with more than 9,000 attendees visiting its London headquarters.

4. International cooperation

Cyber attacks do not respect international boundaries, and many of the threats and vulnerabilities we face are shared around the globe.

Each state has sovereignty to defend itself as it sees fit, but it’s vital that as a country, we work closely with our allies to make the internet as safe as possible.

Since its creation, the NCSC has worked with countries on every continent to help share information and improve cyber defence.

In the past year, the NCSC has welcomed international delegations from 56 countries. NCSC representatives have visited more than 20 countries for bilateral and multilateral engagements, as well as participating as spokespeople in 30 international events.

International security cooperation

A range of international cyber dialogues were attended by leaders from across UK government including the Cabinet Office, the Foreign and Commonwealth Office, DCMS and the Department for International Trade. These conversations help develop the UK’s relationships around cyber security and policy with its key partners. The NCSC’s contributions include threat assessments, technical advice and insights from incident management practice to help coordinate operational approaches and enhance cyber security standards.

“The NCSC’s world-class capabilities and analysis have underpinned UK government attributions of malign cyber attacks. On the international front, the relationships it has built and the cyber capacity building programmes it has supported continue to play a vital role in delivering for Global Britain.”

Alexander Evans, Director Cyber, Foreign and Commonwealth Office

Cyber Defence with NATO

The NCSC works closely with NATO to support its deterrence and defence objectives. As part of the Cyber Defence conference, NATO allies reinforced a pledge to ensure strong and resilient cyber defences.

The UK’s Foreign and Defence secretaries hosted NATO’s Secretary General, the North Atlantic Council Ambassadors and 120 cyber experts from 29 countries for conference sessions at the NCSC’s headquarters and Lancaster House in London.

The NCSC strongly supports the full implementation of the Cyber Defence Pledge agreed in Warsaw in 2016, to ensure that the Alliance is cyber aware, cyber trained, cyber secure and cyber enabled.

Five Eyes: Intelligence alliance at CYBERUK 2019

Experts from the ‘Five Eyes’ intelligence agency alliance advocated for global cyber attack resilience when sharing a stage together for the first time on UK soil.

The Five Eyes intelligence alliance comprises the UK, USA, Canada, Australia and New Zealand. Through the alliance, participating countries work closely together to keep their citizens safe from cyber threats.

The public session took place at the NCSC’s annual conference, CYBERUK 2019, which saw 2,500 cyber security experts come together for a two-day event in Glasgow’s Scottish Exhibition Centre.

The panel considered the shared threats and global vulnerabilities that exist in cyber systems. During the event, delegates had the opportunity to share their experiences of countering these threats and the different approaches used.

Five Eyes intelligence alliance panel chaired by Yasmin Brooks, Director of Cyber, DCMS

5. Securing the digital homeland: How we help people do things for themselves

Smartphones, computers and the internet are now such a fundamental part of modern life, it’s difficult to imagine how we’d function without them. That’s why cyber security is so important.

From online banking and shopping, to email and social media, it’s vital to take steps that can prevent cyber criminals getting hold of our personal accounts, data, and devices.

The NCSC is leading the way in supporting people and organisations to make sensible, informed, evidence-based decisions about the protective measures they can take, supporting them to manage their cyber security risk and make their online behaviour secure.

Supporting citizens

Cyber security is of growing importance, but many people do not understand the potential impact that threats can have, or how to manage them when they do. That’s why the NCSC supports the UK’s individuals and families to deal with the common cyber problems they may encounter in their everyday lives, helping them to stay secure.

The NCSC online

As well as advice on keeping secure at home and work by protecting people’s devices and data, guidance is now easily accessible on topics such as how to shop online securely, how to use social media safely, and how to choose the right antivirus product.

The NCSC also offers advice on dealing with cyber crime, and how to report a problem when something goes wrong online. The NCSC’s website includes tips for staying secure online, such as simple steps that can be taken in less than five minutes which significantly reduce the chance of falling victim to cyber crime. It also guides users on what to do if their computer has been attacked by a virus or an account has been hacked.

The NCSC enquiries service

The NCSC’s public enquiries service dealt with 11,000 queries over the past year, representing more than 200 enquiries every week. The NCSC enquiries team can be contacted via enquiries@ncsc.gov.uk or by calling 0300 020 0964.

Supporting organisations

The vast majority of organisations in the UK rely on digital technology to function. Good cyber security helps them take full advantage of the opportunities that technology brings.

The NCSC has worked with DCMS to identify priority sectors to tailor support. It has developed effective partnerships across 14 economic sectors as well as in education, charities and voluntary organisations. Since the NCSC launched, it has built trusted relationships, produced actionable guidance and innovative self-help tools to raise cyber security resilience across the sectors it serves.

Exercise in a Box

Exercise in a Box is an online tool which allows organisations to find out how resilient they are to a cyber attack, and to evaluate their readiness to respond. The tool was originally designed for SMEs, local government and emergency services, but high demand has seen many larger organisations using the tool to determine their own resilience.

Ciaran Martin, NCSC CEO, says: “Large or small, private or public sector, getting your organisation to practice what happens in a cyber attack helps you to spot the gaps in your fitness regime and shows where you might need to change up a gear.”

Steve, one of the NCSC’s experts who helped design the concept, says that exercising is one of the best ways for a business to find out how they would react to an incident.

“There are plenty of commercial products that offer exercises for companies, but they can be very expensive. We designed this to be a free tool because we wanted SMEs to get used to the concept of exercising.

“Any company can do these exercises on their own and know they are doing it in a safe environment. It’s much better to practice beforehand rather than waiting for the real event.

“You don’t have to be technically-minded to use this product. It’s all done in a language that can be readily understood, with lots of supporting material and resources.

“We’ve been really impressed with how popular these exercises have been, not only in the UK, but around the world. We are now looking to evolve the concept for bigger businesses and the public sector.”

Top Tips for Staff

The NCSC’s e-learning video, Top Tips for Staff, has proved immensely popular with small businesses and individuals, as a free, easily accessible guide to keeping safe online.

The 30-minute video, aimed at a non-technical audience, covers four key areas: protection against phishing, the importance of strong passwords, securing devices and reporting incidents when things go wrong.

The NCSC’s Jack says: “The tips can be used by anyone, from large companies to people working on their own from home. It’s highlighting the message to organisations that their first line of security is their staff.

“The advice has been taken up by many smaller businesses and charities which may not have their own IT departments or the resources to train employees in cyber security, attracting 1,500 hits per month to the NCSC website.”

Charities

A government survey found that many of the UK’s 180,000 charities had experienced cyber breaches, including viruses, phishing emails, ransomware attacks and identity theft.

While criminals may pursue financial gain, charities have also been attacked by hackers motivated by a personal or political agenda.

One UK charity lost £13,000 after its CEO’s email account was hacked, and a fraudulent message sent to its financial manager with instructions to release the funds. Often such crimes go unreported because of a charity’s fear of reputational damage.

In response to this, the NCSC has developed an educational programme designed to put the charity sector on a much stronger footing in cyberspace. The programme features a series of simple steps to protect organisations from attack, saving reputation, funds and data from falling into the hands of criminals.

Charities often prefer to seek advice from the bodies that represent them, so a partnership has been made with NAVCA which supports 145,000 charities and voluntary groups in England. A successful programme has been developed to train volunteers to deliver cyber safety awareness sessions for charities and voluntary groups within local communities.

The pilot showed a clear need for these sessions, with 96% of participants having felt that their increased awareness of cyber safety would improve their organisation.

Cyber Security Toolkit for Boards

Boards are pivotal in improving the cyber security of their organisations. The Board Toolkit has been created by the NCSC to encourage essential discussions about cyber security to take place between the Board and their technical experts, helping to raise the maturity, readiness and resilience of the UK’s largest organisations against cyber threats.

New regulations, such as GDPR, mean that board members have a responsibility to ensure good cyber security protects their organisation’s resilience in a complex digital world.

The NCSC’s Katie says that while those on a board may have the confidence to ask the right questions on accounting or health and safety matters, they don’t have the same confidence on cyber security issues.

“The Board Toolkit gives organisations a starting point to examine this topic. They may want to put cyber security on the agenda, but are looking for a good place to start. This toolkit provides an introduction to a wide range of subjects in a digestible format.

“Board members can ask any questions, knowing they will receive an engaging and informed discussion with technical experts that will enable them to take positive action.”

CYBERUK 2019

Hosted in Scotland for the first time, CYBERUK 2019 reached nearly 3,000 delegates across industry, government and academia. The event delivered a wide range of content through demonstrations, talks and interactive workshops with world-leading experts.

The NCSC will be hosting CYBERUK 2020 in Wales.

CYBERUK 2019 at the Scottish Event Campus in Glasgow

6. Cyber capability for the future: How we work with people

The NCSC uses industry and academic expertise to nurture the UK’s cyber security capability. It helps to build the UK’s talent pipeline, promote innovation and develop the country’s cyber security research, ensuring a secure, resilient and prosperous economy by providing people and organisations with the cyber security skills they need.

People

CyberFirst

CyberFirst aims to identify and nurture young talent, engaging students from all backgrounds and regions, helping them to explore their passion for technology and providing them with the necessary skills and knowledge to put it into practice.

CyberFirst Bursaries

Now in its fourth year, the CyberFirst Bursary is continuing to provide financial support, cyber security training and work experience to over 750 UK undergraduates, helping young people kick start their career in cyber.

To date, 56 Bursary students have graduated from the CyberFirst programme and have moved into full-time cyber security roles with companies and government departments, including BAE Systems, Barclays, IBM, Netcraft, Encipher Ltd, Lockheed Martin, DSTL, HMGCC, MET Police, the MoD, GCHQ and the NCSC.

“The CyberFirst Bursary scheme has been the best thing I’ve ever done in my life and has opened so many doors for me. I’ve had the opportunity to meet new people, make new connections and gain new skills.”

Tia, CyberFirst Bursary student, Scotland

Case study:

Joanna’s CyberFirst journey

Joanna reached the final of the CyberFirst Girls Competition at the age of 12, before going on to complete the CyberFirst Adventurers, Defenders, Futures and Advanced courses. She is now considering a CyberFirst apprenticeship.

“Before the CyberFirst Girls Competition, I didn’t really know much about GCHQ and the kind of jobs that were available. I had an interest in computers, but I wasn’t sure where to go next. After taking part in the finals of the competition, I realised I had a love of information gathering and evaluation. The competition sparked a passion that has led me to want to pursue a career in intelligence/data analysis.

“After the competition I was invited to join the CyberFirst courses, which excited me as I wanted to find out more about technology and how it can be used to protect us. During the course, we were told about the CyberFirst apprenticeship and bursary, and what our next steps could be if we were interested in a career in cyber security. I’m now hoping to apply for the apprenticeship when I finish sixth form. I probably would have never found out about this area of work if it wasn’t for the CyberFirst Girls Competition!”

CyberFirst pathway

CyberFirst Girls Competition

The CyberFirst Girls Competition inspires the next generation of young women to consider a career in cyber security. This free, nationwide contest is open to girls in Year 8 in England and Wales, Year 9 in NI and S2 in Scotland.

CyberFirst Adventurers

A free one-day non-residential course aimed at 11 to 14 year-olds. The course consists of four themed modules offering interactive, hands-on, self-guided, exploratory learning.

CyberFirst Defenders

A free five-day residential and non-residential course aimed at 14 to 15 year-olds, helping to increase awareness of cyber security, whilst also equipping them with relevant practical skills they can apply in their own life.

Cyber Discovery

Cyber Discovery is the government’s free, online, extracurricular programme developing the cyber security skills of teenagers across the country. For students aged 13 to 18, the NCSC is seeking problem solvers, code crackers and, most importantly, those who never give up.

CyberFirst Advanced

A free five-day residential and non-residential course aimed at 16 to 17 year-olds, to hone the skills and behaviours they need to enter the cyber security or computing workplace for real.

CyberFirst Futures

A free five-day residential and non-residential course aimed at 15 to 16 year-olds, to explore advanced cyber security threats to devices, apps and software, and discover ways to prevent them.

CyberFirst Bursaries

A CyberFirst Bursary offers undergraduates £4,000 per year financial assistance and paid cyber security training each summer to help kick start their career in cyber.

CyberFirst Degree Apprenticeships

A CyberFirst Degree Apprenticeship allows undergraduates to earn whilst they learn, ready for a job with GCHQ.

CyberFirst Courses

The CyberFirst Courses are carefully designed to bring out every student’s potential. Open to 11 to 17 year-olds, students are encouraged to understand how everyday technology works and importantly, how to protect it. This year, courses took place in Paisley, Cardiff and Belfast, as well as Newcastle, Southampton, Warwick, Gloucester and London.

All CyberFirst summer courses have been credit rated by the Scottish Qualification Authority (SQA) and have been independently certified as a GCHQ Certified course, which is a fantastic endorsement of the course content, quality and delivery.

Finalists of the CyberFirst Girls Competition 2019 grand final in Edinburgh

CyberFirst Girls Competition

With the largest and most diverse set of participants, the CyberFirst Girls Competition 2019 was the most successful to date. Nearly 12,000 girls from 841 schools entered from all corners of the UK – from Jersey to Caithness, Essex to Londonderry – with double the number of schools participating from Scotland and Wales.

Following the competition, 98% said they would like to learn more about cyber security.

“The competition has helped me learn lots of new things that I had never heard of before. It opened my eyes to what cyber security is really like, and what it takes to become a cyber security professional. There aren’t many girls in cyber security, so it is important to encourage more to get involved.”

Erinna, The Queen’s School, Chester

Cyber Schools Hubs

The last 12 months have seen the first full academic year of Cyber Schools Hubs, created to develop a model for engaging with schools on cyber security. The project currently supports schools across Gloucestershire, in a variety of ways, from sharing technical equipment and lesson plans, to funding educational visits and linking with industry supporters.

Certified Degrees

The NCSC Certified Degree community has continued to grow, with seven certified undergraduate degrees and 24 certified postgraduate degrees. Universities across the UK, from Bristol to Dundee, Pontypridd to Belfast, now offer certified degrees. This year also saw the publication of a new standard to certify Degree Apprenticeships in Cyber Security, based on the Institute for Apprenticeships and Technical Education’s recently published Cyber Security Technical Professional standard.

Cyber Security Body of Knowledge

Cyber security encompasses a wide range of disciplines, but its relative youth means it lacks the coherence found in more mature STEM fields. In response to this, the NCSC set up the Cyber Security Body of Knowledge, with the long-term aim of contributing to the development of the cyber security profession. The project’s purpose is to codify the cyber security knowledge which underpins the profession. The project focuses on providing learning pathways, professional development and careers information for the people of the UK.

Research

Working with partners in government, industry and academia, the NCSC identifies and supports excellence in cyber security research and encourages industry investment. By continuing to work with external partners, the NCSC is helping to put the UK at the forefront of internationally leading cyber security research.

Academic Centres of Excellence in Cyber Security Research

Academic Centres of Excellence in Cyber Security Research (ACE-CSR) are at the forefront of cyber security research in the UK and showcase the UK’s research capabilities on the global stage. The NCSC and the Engineering and Physical Sciences Research Council recently welcomed De Montfort University and Northumbria University to the ACE-CSR community, bringing the total number of universities recognised to 19.

Research Institutes

The NCSC is now supporting four successful academic Research Institutes, to develop cyber security capability in strategically important areas. Each one is focusing community effort in its respective area and encouraging interaction between academia and industry.

The Research Institute academics are increasingly providing their expertise into relevant government policy activity. Examples include the UK Research and Innovation-managed ‘Digital Security by Design’ challenge advisory board and assisting the DCMS and the NCSC with developing the Institute of Technology Code of Practice.

Innovation

The NCSC aims to develop the UK’s cyber security ecosystem by transforming innovative ideas into real world solutions.

Cyber Accelerator

The NCSC Cyber Accelerator supports the growth of start-up cyber companies which are bringing new security products to market. It aims to support the emerging cyber security industry within the UK, encouraging skills, jobs and growth.

The third cohort of the NCSC Cyber Accelerator has created 30 jobs, won 18 trials, proof of concept and contracts and raised more than £15 million in funding.

NCSC Cyber Accelerator entrepreneurs

7. Celebrating 100 years of GCHQ’s cyber mission

The last century has seen GCHQ placed at the heart of the nation’s security and it is committed to continuing to keep the UK safe for the next 100 years and beyond. This year saw a number of events take place to celebrate the milestone.

The Science Museum launches exhibition revealing GCHQ secrets

Coinciding with the centenary and in a first for a UK intelligence agency, GCHQ has launched a new exhibition which will take visitors through the history of secret communications. 'Top Secret: from Ciphers to Cyber Security' explores a century’s worth of intelligence that underpins GCHQ’s vital role.

Supported by funding from the National Cyber Security Programme, free tickets are available to book on the Science Museum’s website. From July to September 2019, 80,000 people visited the exhibition. It runs in London until February 2020, moving to Manchester’s Science and Industry Museum in October the same year.

Bletchley Park section at 'Top Secret' at the Science Museum
© Jody Kingzett, Science Museum Group

“For the first time the public will be given a glimpse into our secret history of amazing intelligence, world-leading innovation, and most of all brilliant people. And – as the threats to the UK become more diverse and complex – it’s a chance to encourage the next generation of recruits. Because at GCHQ we believe that with the right mix of minds, anything is possible.”

Jeremy Fleming, Director, GCHQ

Royal celebrations for GCHQ

Her Majesty The Queen visited the original top secret home of GCHQ as part of the centenary celebrations for the UK’s intelligence, security, and cyber agency.

During The Queen’s visit, she met with the 2018 CyberFirst Girls Competition winners from The Piggott School.

Her Majesty The Queen unveils an historic plaque at Watergate House, the 1919 birthplace of GCHQ

The GCHQ Centenary Puzzle book II

The NCSC contributed to the development of GCHQ’s Puzzle Book II. It includes stories from the organisation’s inception, all the way through to the opening of the NCSC and puzzle designs based on previous cyber competitions.

The proceeds from the sales of Puzzle Book II will be donated to Heads Together, which works to raise the profile of the importance of mental health.