Despite HMRC takedowns having the most attack URLs, it was in fact TV Licensing which suffered the most phishing campaigns (attack groups) during 2019, according to the third annual Active Cyber Defence (ACD) report from the UK official National Cyber Security Centre (NCSC).
The NCSC’s Takedown Service finds malicious sites and sends notifications to the host or owner to get them removed from the internet before significant harm can be done. The NCSC centrally manages the service, so government departments don’t have to sign up. The year 2019 was the third full year of the NCSC’s Takedown Service. Run by Netcraft on behalf of the NCSC, the service finds ‘bad stuff’ hosted on the internet and seeks to have it removed, the goal being to remove cyber security threats. Some 217,173 URLs were taken down in 2019; the brand protection for UK government departments and services taking in universities, and TV Licensing.
The Takedown Service also finds Advance Fee Fraud (AFF) attacks, aka the 419 scam, that the report describes as not only the oldest but also one of the most well-known attacks. Despite its simplicity, it still offers a valuable return on investment with respect to time and effort a fraudster might put into such campaigns, the NCSC adds. The National Lottery remains the most targeted brand in this category.
Among other services, Mail Check helps organisations assess their email security compliance and adopt secure email standards which prevent criminals from spoofing their email domains. Web Check helps owners of public sector websites to identify and fix common security issues, making sites in the UK a less attractive target to attackers. And Protective DNS or PDNS prevents users from accessing domains or IPs that are known to contain malicious content and stops malware already on a network from calling home.
Nominet delivers PDNS on behalf of the NCSC for the UK Government. David Carroll, MD of Nominet’s Cyber Security Arm, says: “As the report ‘Active Cyber Defence – The Third Year’ shows, PDNS made incredible headway in 2019 – and for that we’re incredibly proud. In taking those penultimate steps towards service maturity, PDNS has delivered real impact for the government departments and local authorities that are now on-boarded at scale. The sheer extent of queries and response demonstrates that PDNS is a genuine force multiplier in cyber defence. What’s more, we firmly believe that it’s not just what you deliver, but how you deliver it. The service wrap that sits alongside PDNS is second-to-none and ensures that end users are both protected and feel supported throughout the process. The stats around on-boarding and recommending PDNS speak for themselves and is a testament to the hard work of teams here at Nominet. Suffice to say, Active Cyber Defence is pioneering and we look forward to playing our part as it treads new ground in years to come.”
