Every year, unseen to the naked eye, the security of countries, organisations, and especially individuals across the world face the invisible threat of cybercrime. And in today’s highly digitised world, it’s a threat that is growing exponentially alongside our growing dependence on the internet.
Enter cyber security. Both a theoretical discipline and practice, at its core, cyber security is about protecting devices and online services from threats. It has been tipped to become one of the most in-demand jobs of the future, with it being listed as the number one concern of US CEOs in a recent survey by think tank The Conference Board.
The state of cyber security
Cyber attacks are often spoken of in terms of their effect on states or businesses, but they are perpetrated on individuals as well. Many of these attacks are due to easy-to-crack passwords or email scams asking for money; low in sophistication but high in exploitation.
But many are not so primitive. In the first quarter of 2019 alone, a McAfee Labs Threat Report – by the makers of popular McAfee anti-virus software – indicated an incredible rise of 118% in RansomWare attacks, a type of malware that encrypts a user’s device, only decrypting upon receipt of a demanded sum of money, usually in BitCoin. These attacks can be crippling, particularly for those who cannot afford to pay.
The fact is: anyone with a device connected to the internet should care about cyber security.
So in order to create a safer internet, the UK established the National Cyber Security Centre (NCSC) in 2016. The agency is ‘the UK’s independent authority on cyber security’. Their recently released Annual Review 2019 documents the agency’s growing relevance in startling detail.
A year in cyber protection
With their remit to ‘make the UK the safest place to live and work online,’ it’s the NCSC’s job to provide guidance on the issue of cyber security; to respond to any incidents within the UK; to advance cyber security knowledge and capability; and to reduce risks by securing both private and public networks. They do this by working with law enforcement, academics and research institutes, as well as agencies and practitioners internationally.
This year, together with their collaborators, they prevented more than 600 cyber attacks, predominantly targeting five particular sectors: the government, academia, information technology (IT), managed service providers, and jointly in fifth place, transport and health; all industries crucial to the successful functioning of the UK. This brings their total to over 1,800 incidences supported, to use their turn of phrase.
Among the attacks highlighted, the fraudulent use of stolen credit cards was among the most prevalent. In response, the NCSC launched Operation Haulster, its intention to flag suspicious intention and activity of the stolen cards.
The success of the operation – over one million cards were flagged – is just one example of the agency’s success to date. Another particularly impressive achievement was the removal of 177,000 phishing URLs, with 62.4% being removed within 24 hours.
While it’s clear that activities against both countries and businesses are only rising, so too are cyber criminals ramping up their attacks against the average individual.
Fostering a safer online future
Creating a safe online environment is no easy feat. It’s technically difficult, and it takes much more than just good anti-virus software. It’s also educating the public about what makes good ‘internet hygiene’. Because despite a growing awareness of safe online practices, the NCSC’s analysis of the most commonly occurring passwords hacked by cyber criminals reveal a startling lack of forethought. The most used password globally continues to be ‘123456’ at 23.2 million breaches. The second most common? ‘123456789’.
It’s this lack of understanding – partly negligence, partly naïvété – that hackers love to exploit, and that the NSCS has begun to address. But a big part of the complication comes from the different levels of entry for society: young people are far more likely to have at least a basic understanding of how to appropriately live life online than their elders.
In order to set good habits early, the NCSC created CyberFirst, a program introducing young people to cyber security. And it tackles more than one issue: it educates youth on how to safely operate online; it creates career opportunities for the next generation of IT professionals; and with CyberFirst Girls Competition, it encourages the participation of young women in careers traditionally filled exclusively by males. This year, 11,802 girls participated in the competition, and 2,614 young people engaged with the CyberFirst program.
For small business owners too – another stratum of vulnerability to cyber criminals – there are options. The NSCS simulates cyber exercises for themselves, and over 2,886 participated in 2019.
It’s a start. And it’s a good one. For those members of society already set in their ways – and of course, those much more likely to have much more to lose – the NCSC has created online resources and information packs specifically for individuals and families; 37% of whom, as part of their 2019 Cyber Survey, agreed that losing personal details or money over the internet was unavoidable these days. Such resignation is telling.
The good news is that, even if individuals fall victim to such schemes, there are options. The NCSC supports victims of cyber crime – they assisted 900 victim organisations in 2019 alone. Their website houses advice and step-by-step guidance as to what to do in the unfortunate event of a successful attack.
At a time when rapid rates of technological change mean the average consumer cannot keep up, it’s a comfort to know there is a national watchdog. For those of us outside of the UK, such a pioneering approach may just herald things to come in our own home states. After all, the internet is a global phenomenon, and policing cyber criminals is a boon to us all.
Chloé Braithwaite
CyberFirst Girls Competition 2020
The CyberFirst Girls Competition aims to support girls interested in a career in cyber security. The NCSC will once again be running the CyberFirst Girls Competition in 2020 but this year, the format has been slightly altered..
Each year, improvements are made to the user experience of the competition, and this year is no exception. To encourage and recognise participation from all parts of the UK, the online qualifier round has been extended to 10 days and a semi-final round has been introduced.
The competition is aimed at Year 8 girls in England and Wales, Year 9 in Northern Ireland and S2 in Scotland. A deliberate shift in age group was made in 2018 to give as many girls as possible the opportunity to find out more about cyber security with a view to potentially influencing the subjects they take at GCSE (or equivalent).
The content for each category of the competition is consistent with subjects within the Computer Science syllabus from both the National Curriculum and Scotland’s Curriculum for Excellence. However, the competition will contain some advanced cyber topics that are not covered in traditional education but will seek to stretch the lateral thinking and additional cyber knowledge of the teams.
What you need to know
- Teams are made up of up to four female students in Year 8, S2 or Year 9 (NI).
- Teams need to be supported by a responsible adult appointed by the school who is aged over 18 years and who can act as the team guardian.
- Team guardians do not need to have any cyber knowledge or be an IT or computer science teacher. Their role is to register the teams and facilitate access to the competition.
- Schools can enter as many teams as they like if they fit the qualifying criteria (see above).
- The semi-final round will be self-funded by the school.
- The Grand Final will be fully funded by the NCSC.
About CyberFirst
CyberFirst began as a programme of opportunities to help young people explore their passion for tech by introducing them to the world of cyber security.
CyberFirst covers a broad range of activities: comprehensive bursary and apprenticeship schemes; a girls’ only competition and school’s development courses at UK universities and colleges. There’s even Cyber Discovery; our online extracurricular programme. Each activity is designed to seek out people with potential, offering the support, skills, experience and exposure needed to be the future first line of defence in our CyberFirst world.
Girls Competition
The NCSC has been working hard to get more girls interested in a career in cyber security. The CyberFirst Girls Competition provides a fun and challenging environment to inspire the next generation of young women to consider a career in cyber security.
The competition is a team event, with each made up of four female students from Year 8 in England and Wales, Year 9 in Northern Ireland and S2 in Scotland.
Click below to read November’s edition of Europe Diplomatic Magazine
