Businesses report record number of suspicious emails and URLs in 2022
A new report reveals a record-breaking 7.1 million suspicious emails and websites reported to authorities in 2022 – equivalent to one every five seconds.
In a year plagued by escalating cyber threats, British businesses and citizens reported a staggering number of suspicious emails and websites, averaging one every five seconds, according to a report released by the National Cyber Security Centre (NCSC), an agency of the Government Communications Headquarters (GCHQ).
The report, which highlights the sixth year of operations of the Active Cyber Defence (ACD) programme, underscores the vital role that cyber security plays in protecting the nation's businesses and citizens.
Between January and December 2022, the NCSC's free Suspicious Email Reporting Service (SERS) received approximately 7.1 million reports of suspicious emails and URLs. This equates to nearly 20,000 reports per day, with a significant contribution coming from UK businesses. The NCSC promptly acted upon these reports, resulting in the direct removal of approximately 235,000 malicious URLs from the internet, an average of less than 6 hours from the time of reporting.
The ACD programme, known for its "whole-of-society" approach to cybercrime, aims to prevent high-volume cyber-attacks from reaching UK organisations and citizens. The programme's success in engaging businesses and citizens in cyber security efforts is evident from the report, with 39 per cent more organisations signing up for ACD's free services in 2022. These services are designed to empower users without specialised knowledge or dedicated security functions to enhance their cyber resilience.
While large corporations often have dedicated resources to tackle cyber threats, small businesses constitute 99 per cent of the UK's business ecosystem and face unique challenges in achieving robust cyber security. Recognising the importance of small businesses in national prosperity, the NCSC launched two accessible ACD services in 2022 to support them.
The first, Email Security Cheque, provides a quick and simple way for small businesses to assess email security aspects such as anti-spoofing and email encryption. Since its launch in April 2022, over 54,000 email domains have been scanned using this tool. The second service, Cheque Your Cyber Security (CYCS), offers a scalable vulnerability cheque tool tailored specifically for small organisations to identify and fix critical vulnerabilities independently.
Martin McTague, National Chair of the Federation of Small Businesses (FSB), emphasised the persistent risk of cybercrime faced by small firms and commended the NCSC for making its services accessible to SMEs. McTague stated that cybercrime is viewed as the most impactful crime for small businesses in terms of both cost and disruption to their operations.
By providing accessible tools and expertise, the NCSC is enabling small businesses to enhance their protection in the digital world.
The report also revealed notable trends in cyber threats during 2022. Phishing scams remained the most prevalent form of attack hosted in the UK, although the number of global phishing campaigns hosted in the country showed a decline.
Additionally, opportunistic attacks leveraging the HMG brand decreased by 17 per cent. However, cryptocurrency scams exploiting the crisis in Ukraine were consistently prevalent throughout the year.
The ACD programme's Protective Domain Name Service (PDNS), which offers safeguards to prevent organisations from accessing malicious sites containing malware and phishing attacks, played a significant role in protecting UK entities. In 2022 alone, PDNS blocked a staggering 11 billion DNS queries for 420,000 domains, providing a crucial layer of defence against cyber threats.
Jonathon Ellison, NCSC Director for National Resilience and Future Technology, lauded the ACD programme's tireless efforts in combating cyber threats and ensuring the safety of the nation. Comparing the cyber threat landscape to a Hydra, Ellison highlighted the continuous emergence of new threats.
He emphasised that cyber security is not solely the responsibility of tech specialists but requires the active engagement of businesses. Ellison expressed the NCSC's commitment to supporting small businesses in bolstering their cyber defences through accessible, free tools and the upcoming integrated MyNCSC platform.
The NCSC's annual report demonstrates the growing awareness and participation of British businesses and citizens in the fight against cybercrime. By reporting suspicious emails and URLs and utilising the resources provided by the ACD programme, organisations and individuals are actively contributing to a safer digital environment. As the threat landscape continues to evolve, the collaboration between the NCSC, businesses, and citizens will remain essential in countering cyber threats and safeguarding the nation's prosperity.
The report from the NCSC highlights the remarkable efforts made by British businesses and citizens in combating cyber threats. With a record number of suspicious emails and URLs reported in 2022, the NCSC's ACD programme has played a vital role in removing malicious content from the internet swiftly.
The engagement of small businesses, in particular, has been recognised, with the launch of accessible services tailored to their unique needs. As cyber threats persist and evolve, the report emphasises the importance of a collective effort to enhance cyber resilience and protect the digital landscape of the United Kingdom.
© Copyright IBTimes 2024. All rights reserved.