NCSC reveals details of millions of cyberattacks on Britons

  • Home Blog NCSC reveals details of millions of cyberattacks on Britons

NCSC reveals details of millions of cyberattacks on Britons

7th February 2018

NCSC reveals details of millions of cyberattacks on Britons

Criminals established thousands of websites posing as government departments in an attempt to scam visitors out of sensitive data.

The UK's National Cyber Security Centre has released data revealing the millions of cyberattacks against British citizens each year.

The attacks involved criminals posing as government departments, with 2,466 criminal groups creating over 16,000 spoof websites pretending to be HM Revenue & Customs alone.


The data has been released to celebrate the success of four "Active Cyber Defence" (ACD) programmes which were launched last year as a way of disrupting the low-level high-volume attacks that affect British citizens.

According to the NCSC, since the ACD programmes were launched, the UK's share of visible global phishing attacks dropped from 5.3% (June 2016) to 3.1% (Nov 2017).

Authorities removed 121,479 phishing sites hosted in the UK and 18,067 worldwide which were spoofing the Government.

Meanwhile, the number of scam emails from bogus '@gov.uk' accounts dropped by 515,658.

The ten most commonly spoofed sites were:

:: HM Revenue & Customs (16,064)
:: Gov.uk (1,541)
:: TV Licensing (172)
:: DVLA (107)
:: Government gateway (46)
:: Crown Prosecution Service (43)
:: A UK University (23)
:: Student Loans Company (19)
:: Student Finance Direct (13)
:: British Broadcasting Corporation (8)

Dr Ian Levy, the NCSC's technical director, said: "The results we have published today are positive, but there is a lot more work to be done. The successes we have had in our first year will cause attackers to change their behaviour and we will need to adapt.

"Our measures seem to already be having a great security benefit - we now need to incentivise others to do similar things to scale up the benefits to best protect the UK from commodity cyberattacks in a measurable way."

Since the NCSC was founded in October 2016, the UK has not detected a Category One attack - defined as a national emergency or incident which poses an immediate danger to the population.

In that time there have been 34 Category Two incidents which have required high level involvement among government departments and agencies - including the WannaCry ransomware attack which hit the NHS last year.

The NCSC has also responded to 762 incidents assessed as Category Three, but none of the millions of attacks that were listed in Monday's report received that level of assessment.