Content Assessment: From Russia (and China) with Love? The UK National Cyber Security Centre Annual Review
Information - 95%
Insight - 95%
Relevance - 95%
Objectivity - 90%
Authority - 100%
A short percentage-based assessment of the qualitative benefit of the post highlighting the recently published annual review from the UK's National Cyber Security Centre (NCSC).
Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from cyber, data, and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.
To submit recommendations for consideration and inclusion in ComplexDiscovery’s cyber, data, and legal discovery-centric service, product, or research announcements, contact us today.
Backgrounder Information: The National Cyber Security Centre (NCSC), a part of GCHQ, is the UK’s technical authority for cyber security. Since the NCSC was created in 2016 as part of the Government’s National Cyber Security Strategy, it has worked to make the UK the safest place to live and work online.
This review of its fifth year looks at some of the key developments and highlights between 1 September 2020 and 31 August 2021. As part of a national security agency not all its work can be disclosed publicly but the review seeks to describe the year with insights and facts from colleagues inside and outside of the organization.
Annual Report from the NCSC*
National Cyber Security Centre Annual Review 2021
Extract from Report: Global Threat Actors
The NCSC continued its work with global partners to detect and disrupt shared threats, the most consistent of these emanating from Russia and China. In addition to the direct cyber security threats posed by the Russian state, it became clear that many of the organized crime gangs launching ransomware attacks against Western targets were based in Russia.
China remained a highly sophisticated actor in cyberspace with increasing ambition to project its influence beyond its borders and a proven interest in the UK’s commercial secrets. How China evolves in the next decade will probably be the single biggest driver of the UK’s future cyber security.
While less sophisticated than Russia and China, Iran and North Korea continued to use digital intrusions to achieve their objectives, including through theft and sabotage.
Extract from Report: Ransomware
Ransomware became the most significant cyber threat facing the UK this year. Due to the likely impact of a successful attack on essential services or critical national infrastructure, it was assessed as potentially harmful as state-sponsored espionage.
In 2020 the NCSC observed the evolving model of criminals exfiltrating data before encrypting victim networks; data which they then threatened to leak unless the ransom was paid (known as double extortion).
Ransomware gained increased public attention following attacks on Colonial Pipeline in the US, which supplied fuel to the East Coast, and against the Health Service Executive in Ireland. In the UK there was an increase in the scale and severity of ransomware attacks. Hackney Borough Council suffered significant disruption to services – leading to IT systems being down for months and property purchases within the borough delayed. Attacks this year were across the economy, targeting businesses, charities, the legal profession, and public services in the education, local government, and health sectors.
Among other ransomware incidents investigated was a major attack on the American software firm Kaseya. In July, the NCSC helped to identify and support British victims after the Florida-based company was infiltrated by a hacking group, which seized troves of data and demanded $70m (£51.5m) in cryptocurrency for its return. The NCSC welcomed international efforts in tackling ransomware when it was discussed at the G7 meeting of world leaders in Cornwall, underlining the need for coordinated multilateral attention.
NCSC Annual Review 2021
- An Economical Impact? How Cyber Insurance Shapes Incident Response
- Defining Cyber Discovery? A Definition and Framework