On multiple occasions, the National Cyber Security Centre (NCSC) has alerted UK financial institutions to imminent threats from ATM cash-out fraud at home and abroad, according to its third annual review.
That’s cyber criminals aiming to compromise banking and payment machinery, and obtaining card details that can be used to withdraw large sums of cash from unwitting ATMs. Once already in progress, these attacks can be difficult to stop, the review says (more on threats to ATMs in the November 2019 print issue of Professional Security magazine).
NCSC alerted 56 banks to a specific ATM cash-out threat after receiving actionable information. “As a result, the banks were able to block any attempt by the attackers to fraudulently withdraw money from customer accounts,” the report said.
As for the NCSC’s ‘Active Cyber Defence’, the centre proposes among other things an ‘automated system which acts on information from the public to take down
malicious sites’; and an NCSC ‘Internet Weather Centre’, to ‘draw on multiple data sources to enable full understanding of the UK’s digital landscape’.
As a sign of how public and private alike have to protect their digital assets even when getting rid of them, the review gives the example of two fire services that merged to form one service with a new name and associated internet domain. One of those original two deregistered their original domain. “However in just three months, Synthetic DMARC blocked more than 150,000 emails from this now non-existent domain,” the report says, DMARC being the email authentication, policy and reporting protocol, against phishing attacks which spoof domains.
As for the NHS, which suffered in a 2017 malware attack, the NCSC has been working with NHS Digital, the national information and technology partner for the health service in England, on the procurement of a new IT ‘perimeter security solution’. Likewise the NCSC has been working with the NHS in Scotland, Wales and Northern Ireland. As for protection of critical national infrastructure such as utilities, the report says work with energy firms has been ‘diverse and extensive’.
Despite all the work, the report quotes from a department head at a utility that cyber attacks remain a case of ‘when not if’.
What they say
Cabinet Office Minister Oliver Dowden welcomed the review, ‘which shows that we are making the UK a more challenging place for our cyber adversaries to operate in’. He said: “We’ve made great progress on making the UK safer since launching our world-leading £1.9 billion cyber security strategy in 2015. Establishing the NCSC was a key part of this and has played a central role in tackling online threats posed by criminals, hacktivists and hostile nation states.”
NCSC Chief Executive Ciaran Martin said: “From handling more than 600 incidents – many from hostile nation states – to equipping the public with the tools they need to stay safe online, we are employing our expertise on a number of fronts.”
Among stats, the NCSC:
– Handled 658 incidents, with support provided to almost 900 victim organisations;
– Produced 154 threat assessments for a range of sectors;
– Delivered, along with sector and law enforcement partners, cyber security awareness and training sessions to more than 2,700 charities; and
– Welcomed visiting delegations from 56 countries.
For Oliver Dowden’s speech at the NCSC’s London headquarters to release the report, visit https://www.ncsc.gov.uk/speech/oliver-dowden-annual-review.
