Category: NCSC

The inception of the National Cyber Security Centre (NCSC) of the United Kingdom in 2016 marked a pivotal step in issuing alerts concerning cyber attacks and hacking incidents. Tasked as the cyber arm of GCHQ (Government Communications Headquarters), its primary aim is to fortify both public and private sectors against digital onslaughts orchestrated by cyber adversaries.

However, recent events have brought the organization under scrutiny across various social media platforms due to a password-related gaffe. Visitors to the NCSC headquarters in London were reportedly furnished with the passcode ‘1234’ to access doors leading to high-tech facilities. This move drew ire from attendees, particularly those eager to hear Lord Cameron’s speech, who perceived it as a lax approach to cybersecurity, especially amidst the prevailing global cyber threats.

Several attendees voiced their concerns to the IT staff, emphasizing the necessity for a more robust cybersecurity posture from a federal organization of such caliber. Some even took to platforms like Twitter and Facebook, ironically echoing the cybersecurity advice disseminated by NCSC on password management and implementation.

Ironically, the agency itself issued an alert in February 2024 advising against using easily guessable passwords like ‘1234’, citing their vulnerability to exploitation. While there has been no official comment from Whitehall regarding the issue, negligence in addressing this matter could pose significant security risks.

However, a source from the headquarters assured that stringent security protocols are in place to fortify infrastructure against digital threats. The source also clarified that the ‘1234’ passcode was a temporary measure and will be promptly reset after each public use, as per standard protocol.

Nevertheless, the potential ramifications of such oversight are significant, as any journalist with malicious intent could easily exploit the four-digit passcode to gain unauthorized access to the premises.

The post Britain NCSC faces Password Embarrassment appeared first on Cybersecurity Insiders.

The UK’s GCHQ cyber arm, the National Cyber Security Centre (NCSC), is warning of an imminent surge in AI-based ransomware threats over the next two years. The intelligence and security agency of the United Kingdom emphasizes the critical need for businesses to adopt proactive security measures to safeguard their future.

A notable projection from the agency suggests that cybercriminals with low-level competency will increasingly leverage Artificial Intelligence to enhance their endeavors in spreading file-encrypting malware, leading to a threefold increase in financial gains. The advancing technology is anticipated to elevate the success rate of targeting victims, providing criminals with enhanced capabilities to identify and exploit vulnerable devices more effectively, showcasing innovation and sophistication in malware propagation.

NCSC CEO Lindy Cameron assures that the British government is committed to fortifying cybersecurity efforts by investing 2.6 billion pounds. This investment, supported by contributions from private entities engaged in AI development, aims to enhance national cybersecurity resilience through improved detection mechanisms and robust framework design.

Geopolitical tensions, such as the strained relations with Russia due to its support for Ukraine, have intensified the cybersecurity threat landscape. Russia, in its efforts to destabilize the UK, is likely to employ platforms like GenAI to bolster its position in the realm of cybercrime.

To mitigate risks, businesses are strongly advised to adhere to cybersecurity best practices, implementing thorough hygiene measures. Additionally, having a robust data backup system in place is emphasized to ensure efficient data recovery in the event of a cyber incident.

The post AI Ransomware Threat to increase in two years says UK GCHQ appeared first on Cybersecurity Insiders.

#1 The history of the National Cyber Security Centre The UK’s first cybersecurity strategy was launched in 2009 and outlined that whatever the shape of the cybersecurity mission, it made no sense to silo it away from other aspects of national security. To be effective, it had to be able to take advantage of high-grade […]… Read More

The post 5 Things to know about the UK’s National Cyber Security Centre (NCSC) appeared first on The State of Security.

UK’s National Cyber Security Centre, shortly known as NCSC, has launched an Email Security check service that will help organizations identify cyber threats lurking in spoofed emails that can lead to data breaches.

The newly released email security check tool dubbed ‘Mail Check Service’ doesn’t ask for any personal details or for a login. It is free and is available to all industry sectors.

Britain seems to be on a cybersecurity mission to safeguard its IT Infrastructure from Russian hackers. And to bolster the security, the cyber arm of GCHQ has devised email security controls that help in keeping a tab on email domains and check for any spoofing emails hitting the network leading to privacy risks.

Interestingly, the tool cannot be used by cybercriminals to identify any vulnerabilities in email servers as it is only available to companies that are already registered in the fair-operations database of NCSC.

Currently, Mail Check Service is only available to public sector organizations, local authorities, utilities, and emergency service and organizations serving the healthcare sector. And soon, there is a high probability that its support can be extended to companies operating in the private sector.

The only negative aspect of this service is that it cannot identify threats lurking in individual emails or email domains and can only identify spoofed domains such as gmail.com, microsoft.com, and such…

Those already receiving phishing emails or suspect receiving malicious emails can forward them to [report at the rate phishing dot gov dot uk]

 

The post UK National Cyber Security Centre launches Email Security Service appeared first on Cybersecurity Insiders.

A group of hackers have launched a cyber scam by posing as the chief executive officer of National Cyber Security Centre, Lindy Cameron. The cyber fraud was smartly drafted in such a way that it is difficult to make out whether it is genuine or malicious.

Going deep into the details, some hackers are seen sending emails to innocent victims claiming to be associates of Lindy Cameron and urging the victim to send bank details, as funds from their bank accounts were stolen by hackers and the law enforcement is ready to reimburse it, once accurate details are provided.

Believing the email content, when the victim sends personal details including bank account numbers, the cyber criminals then try to siphon money from the bank accounts.

NCSC is warning the online populace of Britain to stay away from such online frauds by educating themselves on what is happening inside the digital world.

The cyber arm of GCHQ has also mentioned in its statement that it has blocked about 3 million scams on the internet in the year 2021-mainly related to celebrity endorsements, extortion emails related to dating and X rated website visits, and other cyber frauds related to vaccination and vaccine passports.

To eradicate such crimes from roots, CyberUK Summit started an Active Cyber Defense (ACD) campaign last year and news is out the ACD helped in preventing millions of attacks from hitting the UK populace in the past few months.

Hope it does!

The post Hackers try to cyber scam by posing Chief Executive of Lincoln College appeared first on Cybersecurity Insiders.