The surge in cyber incidents reported to the UK’s National Cyber Security Centre (NCSC), reaching an “all-time high” with a 64% increase in voluntary reports, underscores the escalating cyber threat landscape.
The incident management team had to triage responses to 371 of the 2,005 reported incidents, with 62 deemed nationally significant and 4 classified among the most severe.
Compromised applications, notably through exploitation of a vulnerability (CVE-2023-3519) affecting Citrix’s NetScalers, constituted a significant portion of incidents. Threat actors initially placed webshells on vulnerable services; after a patch was available, automated attacks followed against the services that remained unpatched.
The NCSC expressed concern about poor cyber hygiene contributing to these incidents, emphasizing the need for better security practices. The review also highlighted an increased cyber threat to critical national infrastructure, with state-sponsored and criminal hackers targeting various sectors.
Financially motivated ransomware gangs posed a significant threat, while state-sponsored cyber activities from Russia, China, Iran, and North Korea drew attention over the past year.
The warning against the misconception that state activity is solely espionage is crucial: the NCSC emphasized that disruption and destruction could be the objectives.
While the NCSC believes there isn’t an immediate threat of significant infrastructure disruption, it cautions against relying on this situation persisting indefinitely. This underscores the ongoing need for vigilance, enhanced cybersecurity measures, and a proactive approach to counter evolving cyber threats.
Dimitris is an Information Technology and Cybersecurity professional with more than 20 years of experience in designing, building and maintaining efficient and secure IT infrastructures.
Among others, he holds the CISSP, CISA, CISM, ITIL, COBIT and PRINCE2 certifications, but his wide set of knowledge and technical management capabilities go beyond these certifications. He likes acquiring new skills in penetration testing, cloud technologies, virtualization, network security, IoT and many more.