Active Cyber Defence
CYBERUK 2018 in Manchester
Gus, CEO of Kentish Town City Farm
Industry 100 - Natascha
CyberFirst Girls Competition Final
Dr. Rachel O'Connell, CEO of Trust Elevate
CyberFirst - Annarose
CyberFirst - Megan
CyberFirst - Neve
CyberFirst - Prisha
CyberFirst - Repheala
CyberFirst - Sekina
Cyber Accelerator - Dr. Rachel O'Connell
Cyber Accelerator - Dr. Rachel O'Connell
CYBERUK - Ciaran Martin
CYBERUK - Mark Ryland
South Wales ROCU - Warren Davies
Small Business Guide
Year 2 Highlights
Almost all programming languages provide a element called an array. An array is a data structure, which can store a fixed-size collection of elements of the same data type.
Our CyberFirst students have been learning about arrays and their role in cryptography. A cryptographic algorithm, or cipher, is a mathematical function used in the encryption and decryption process. A fundamental part of the decryption process is being able to resolve characters using sets of decrypted numerical values, each value represents a character’s location within a standardised array.
In Python we might declare an array of random characters like this:
random_array = ['Z','(','4','I','N','W','2','G','3','S','(','X','R','2','V','Y','A','P','F','7','T','N','3',')','B','D','K','J','V','O','K','M','R','5','F','W','V','Z','@','O','Z','I','R','E','D','B','C','S']
We can print a certain letter to the screen in Python using the following command:
print random_array[2]
Which would print the character: '4' (the first element in an array is referenced by 0).
We've hidden a series of numbers within the full report, you'll have to have a keen eye for detail to spot them. The numbers will provide you with positions of characters within the array declared above. When you're ready to crack the code, use the dial below to select the numbers and reveal the secret message - good luck!
In cryptography, encryption is the process of encoding a message or information in such a way that only authorised parties can access it and those who are not authorised cannot. In an encryption scheme, the intended information or message, referred to as plaintext, is encrypted using an encryption algorithm – a cipher – generating ciphertext that can be read only if decrypted. An authorised recipient can easily decrypt the message with the key provided by the originator to recipients but not to unauthorised users.
We're going to show you a basic method of encryption. Early methods of encryption adopted this approach, it's known as a polyalphabetic cipher. During World War 2 Germany developed a machine called the Enigma Machine, this machine was fundamentally a polyalphabetic substitution cipher.
First you'll need to choose a secret number, a cipher key to use:
The National Cyber Security Centre (NCSC) was created in 2016 as part of the government’s five-year National Cyber Security Strategy. Since then, our goal has been to make the UK the safest place to live and work online.
This review tells the story of our second year, with interviews, testimonials, images and data that take you behind the scenes at the NCSC. It provides a snapshot of our work over the period 1 September 2017 to 31 August 2018. We hope it helps you understand what we do, and along the way illustrates some of the milestones we have achieved in our second year.
Rt Hon David Lidington CBE MP Minister for the Cabinet Office and the Chancellor of the Duchy of Lancaster
We have every reason to be proud of the UK’s position at the forefront of the global digital revolution. Our collective ability to embrace cyberspace is already driving our country’s prosperity and enhancing our national security. We have one of the highest levels of internet access and usage in the developed world, and our digital industries are growing faster than any other part of the economy. At the same time, the threat from criminals, hacktivists and nation states continues to increase and evolve. It is easier and cheaper than ever before for those who want to do us harm to access the tools, exploits and services they need to launch attacks. That is why cyber security remains a top priority for this government and for me personally, as the Minister responsible for improving the security and resilience of the UK, including protecting our critical national infrastructure.
We launched our National Cyber Security Strategy in 2016 to set the direction and ambition for our investment and efforts. Because as the digital revolution touches every part of our society, we wanted to ensure that our response was comprehensive. To defend our people, to deter our adversaries and to develop the capabilities we need to ensure the UK remains the safest place to live and work online. Our strategy is supported by significant investment – £1.9bn – to drive the transformation we need to respond at the scale and pace required.
Download the full review to read more Download the full review to read moreCYBERUK 2018 hosted in Manchester
Leaders of the UK, Canada, New Zealand and Australia met at NCSC headquarters as part of the Commonwealth summit
The NCSC’s CEO and the Minister for the Cabinet Office gave evidence on the cyber security of the UK’s critical national infrastructure to the Joint Committee on the National Security Strategy
Nine start-ups graduated from the NCSC Cyber Accelerator
Held CyberFirst summer courses for young people across the UK
Three new Academic Centres of Excellence in Cyber Security Research announced
handled 557 incidents
removed 138,398 unique phishing sites
awarded more than 8,900 Cyber Essentials certificates
welcomed visiting delegations from 54 countries
Produced 145,000 physical items for 170 customer departments through the UK Key Production Authority
Engaged with 1,968 students on our CyberFirst courses
Produced 134 pieces of guidance and 95 blogs
Challenged 4,500 girls in the 2018 CyberFirst Girls Competition
Ciaran Martin, CEO of the National Cyber Security Centre
Cyber security is a tough, complex challenge. But the UK is making significant progress in strengthening our defences against those who seek to harm us online. This matters as we look to an ever more digital future for our prosperity.
In this report – GCHQ’s National Cyber Security Centre’s second Annual Review – we set out:
At the NCSC, we take a proactive approach to securing the UK’s online defences at home and collaborating with our allies overseas. Instead of waiting for an attack, we anticipate problems and find solutions to prevent them doing harm.
Active Cyber Defence (ACD) is a collection of services that aim to protect the UK from the high-volume commodity attacks that affect people’s everyday lives. These attacks involve using tools and techniques openly available on the internet that are relatively simple to use.
We have developed and tested our ACD services on government with great success. Our longer-term goal is to encourage solutions like these to be adopted across other sectors in the UK.
Government domains using DMARC
UK share of visible global phishing attacks dropped from 5.3% (June 2016) to 2.4% (July 2018)
Over the last 12 months, the service removed 138,398 phishing sites hosted in the UK – and a further 14,116 worldwide spoofing the UK Government
Availability time for sites spoofing government brands down from 42 hours (2016) to 10 hours median (2018)
Average of 10,975 unique malicious domains blocked every month
We have identified 2,372 urgent findings that have been fixed.
Active Cyber Defence
The cyber threat is always evolving so we need to continue to build a pipeline of ACD services that can deal with them. These include a service that reports on the condition of an organisation’s infrastructure, a service that helps vulnerability researchers to report bugs in government websites, and an online package containing cyber exercises that help organisations prepare for an incident.
To improve information sharing with the cyber security industry, we are continuing to develop a suite of services which automate the processing and sharing of information and events. We have already launched a pilot that shares indicators of compromise with one of the UK’s leading internet service providers. This gives their customers better protection automatically at no extra cost.
As part of the ACD programme, the NCSC has started to deliver a pilot host-based capability to central government. This involves deploying software that analyses device data to understand and detect threats that target the Government’s IT systems. The service complements an organisation’s existing cyber security and has now been successfully deployed to 14,500 government devices. The number of devices enrolled will increase significantly in the coming months. By using the data this generates, we were able to issue our first Threat Surface reports, help early adopters understand the attacks they face, and detect targeted cyber attacks against government systems.
We pilot our ACD tools with the public sector first and, where relevant, demonstrate the benefits to other sectors. This year, we are working with a range of companies and departments to understand how we can help different sectors. We are also encouraging a range of technology providers to offer similar services to their customers so that together we can ensure that cyber crime doesn’t pay.
The NCSC’s international partnerships help us share information and combat common cyber threats. In our second year, we had the honour of hosting four Heads of Government during the Commonwealth Heads of Government Meeting in April.
We have welcomed delegations from 54 countries across six continents, and we have visited 18 countries for bilateral meetings and public engagements.
In partnership with the rest of government, we have furthered our cooperation overseas, and we aim to expand our reach in 2019.
A commitment to improve international cyber security was made during a visit to the NCSC headquarters by four Heads of Government in April 2018.
Visit to the NCSC headquarters by four Heads of Government
This special report offers a never before seen glimpse behind the curtain of the UK’s strongest asset against cyber attacks. Members of the NCSC’s world-class incident management team explain the methodology we have used to defend against more than 1,000 cyber incidents – a rate of more than 10 per week.
This special report offers a never before seen glimpse behind the curtain of the UK’s strongest asset against cyber attacks. Members of the NCSC’s world-class incident management team explain the methodology we have used to defend against more than 1,000 cyber incidents – a rate of more than 10 per week.
To ensure the appropriate handler manages an incident, it must first be assigned an attack category. Since January 2018, the UK’s cyber community has implemented a new incident categorisation framework.
The new approach fully aligns the NCSC’s work with law enforcement agencies to defend against the growing threat, with incident responders now classifying attacks into six specific categories (C1-6) rather than the previous three. The new system ranges from targeting the Government and critical national infrastructure through to individual citizens.
attacks are national emergencies, causing sustained disruption of essential services, leading to severe economic or social consequences – or to a loss of life.
attacks can have a serious impact on a large portion of the population, economy or government.
attacks can have a serious impact on a large organisation or wider government.
attacks could threaten a medium-sized organisation.
attacks include threats to a small organisation.
attacks on individuals, the response would be led by law enforcement agencies, such as the local police force.
A rare glimpse of the inner workings of the UK’s strongest asset against cyber attacks
The NCSC’s first ever podcast gives a rare peek behind the curtain of our world-class incident management service. You will hear from six members of the NCSC team who talk through the methodology behind the tactics they have deployed in more than 1,000 incidents since launching two years ago.
It is well known that the NCSC provides incident management support to UK victims, but the tactics its experts deploy is much less understood. This is partly due to the covert nature of some of the intelligence agencies they can draw on, and partly because the NCSC promises confidentiality to the companies who work with them.
The podcast includes;
The NCSC serves every part of the UK. In our second year, we have worked to strengthen our regional partnerships, deepen our local understanding and expand our reach across the country.
We seek to make sure that every corner of the UK is as well prepared as it can be for whatever incidents may hit us. We are working closely with partners in England and the devolved administrations where we have advised critical sectors including water, energy and health, and advised on the implementation of the Network and Information Systems (NIS) Directive. These partnerships are vital as they help to protect our essential services.
The NCSC serves every part of the UK. In our second year, we have worked to strengthen our regional partnerships, deepen our local understanding and expand our reach across the country.
We seek to make sure that every corner of the UK is as well prepared as it can be for whatever incidents may hit us. We are working closely with partners in England and the devolved administrations where we have advised critical sectors including water, energy and health, and advised on the implementation of the Network and Information Systems (NIS) Directive. These partnerships are vital as they help to protect our essential services.
The UK’s critical national infrastructure (CNI) supports nearly every aspect of our daily life. Our CNI is becoming increasingly digital, which brings real benefits, but also raises cyber security risks. To combat these threats, we work with thousands of systems and hundreds of organisations across the UK.
Over the past year, we have supported many of these organisations to secure their systems. In the transport sector, our advice has helped to secure the next generation of vehicles. In the energy sector, our experts have helped design the security of a new sustainable national grid.
In the telecoms sector, our work with the Department for Digital, Culture, Media and Sport (DCMS) has helped pave the way to faster 5G networks. And as we enter the ‘Great British Space Age’, we are helping to design four new UK spaceports to help an already successful industry reach for the stars.
The national security sector faces unique threats as it processes the UK’s most sensitive data and runs its most sensitive systems. The NCSC is working hard to support them. Far from being limited to securing the sector, the NCSC’s robust encryption systems help ensure the UK Government stays secure today and in the future.
Annually we process approximately 3,800 orders for key material, equating to 145,000 physical items, such as CDs and data tokens
170 customers across government, industry and law enforcement
The NCSC is committed to helping everyone stay safe online – from the smallest organisations to the biggest global brands. We have begun in-depth research to inform the content that we deliver to our varied audiences. We have listened to users and will be incorporating their feedback into the launch of our new website. The new website will have a focus on protecting individuals and families, businesses, charities, and government.
We aim to expand and develop our offer across the UK. We are developing a toolkit to help boards better understand the cyber threat and mitigate risks. And we are working with our Industry 100 partners to create innovative new ways to raise the level of cyber security across the UK.
Gus, CEO of Kentish Town City Farm
CYBERUK is the UK Government’s flagship cyber security event. CYBERUK is all about promoting a national conversation around cyber security and building a community that works together.
We were delighted to bring CYBERUK 2018 to Manchester, a city synonymous with innovation, creativity and technology.
Over the three days in April, we had engaging speakers, thought provoking topics and a plethora of talent in attendance. We were committed to putting diversity at the heart of CYBERUK 2018. This meant ensuring that we had diversity of thought in the programme, and provided a positive learning environment for all participants.
The conference brought together 2,500 delegates with combined expertise across multiple disciplines and professions. The event offered a wealth of content on the technical aspects of developing and implementing cyber security in the face of complex problems and threats.
We are pleased to announce that CYBERUK 2019 will be held in Glasgow.
CYBERUK 2018 in Manchester
94% of delegates rated the content of the conference as ‘excellent’ or ‘good’
The NCSC’s Industry 100 initiative brings together public and private sector talent to generate innovative ideas and collaborate on some of the latest cyber security challenges across a wide range of NCSC placements.
Since the programme began, we have been pleased to welcome 132 professionals from 60 organisations who have come together to enhance the cyber security of the UK.
Contributors have included representatives from sectors including legal, finance, aerospace, telecoms, academia, IT, oil and gas, nuclear and engineering.
Visit WebsiteIndustry 100 - Natascha
The NCSC strives to identify new ways to build the UK’s talent pipeline, promote innovation, and develop the UK’s cyber security research. Our investment in skills helps the UK remain a world leader in cyber security by developing the talent we have and attracting the best and brightest people to the industry. To ensure a secure, resilient and prosperous economy, organisations must have access to the cyber security skills they need, which is why the NCSC is working closely with the Department for Digital, Culture, Media and Sport (DCMS) to close the cyber skills gap.
The NCSC strives to identify new ways to build the UK’s talent pipeline, promote innovation, and develop the UK’s cyber security research. Our investment in skills helps the UK remain a world leader in cyber security by developing the talent we have and attracting the best and brightest people to the industry. To ensure a secure, resilient and prosperous economy, organisations must have access to the cyber security skills they need, which is why the NCSC is working closely with the Department for Digital, Culture, Media and Sport (DCMS) to close the cyber skills gap.
The NCSC’s single greatest asset is our people. At a time of rapid change in our industry, we are helping students of all ages develop the skills they need to grow to work across the UK and have a rewarding and interesting career in cyber security.
Try a CyberFirst challenge Learn about encryptionCyberFirst Girls Competition Final
The CyberFirst programme aims to identify and nurture exceptional young talent, engaging students from all backgrounds and every region.
Our two pilot Cyber Schools Hubs in Gloucestershire have provided the opportunity to over 17,000 children to engage in events, code clubs and fun ways to learn about cyber security
We have certified 24 master’s degrees, 3 integrated master’s degrees and 2 bachelor’s degrees
This year has seen the launch of the first two of the 19 identified knowledge areas as part of the Cyber Security Body of Knowledge (CyBOK) project
We worked with external partners to support programmes that put the UK at the forefront of cyber security research. This gives us access to world-class experts and helps the NCSC to discover new ways to keep the UK’s information safe.
After the most recent assessments in 2018, 17 universities have been recognised as Academic Centres of Excellence in Cyber Security Research.
In November 2017, we saw the launch of the Research Institute in Secure Hardware and Embedded Systems at Queen’s University Belfast.
Organisations need confidence that the people, products and services that help them manage their risk will improve their security, not undermine it. Working with our external assurance partners, we operate a number of commercial initiatives that give organisations the evidence to help them differentiate the good from the bad.
Currently there are 23 organisations across the UK who have achieved certification by demonstrating that the services they deliver meet the NCSC's standards for high quality cyber security advice in the areas of risk management, risk assessment, security architecture, and audit and review.
Over the past year, we have more than doubled the number of certificates issued, with the award of over 8,900 new certificates.
Innovation takes new thinking and insights and turns them into the things we need to live and do business in cyberspace. We work with DCMS to create an ecosystem that will transform ideas into real world solutions. This brings our experts together with small businesses to help solve the cyber security challenges we face today. At the heart of this is the NCSC’s Cyber Accelerator.
In the past 18 months, the first two cohorts raised more than £20 million in funding, created 19 UK jobs and won 15 trials and contracts worth over £3 million
Dr. Rachel O'Connell, CEO of Trust Elevate
The NCSC’s parent organisation, GCHQ, will be 100 years old in 2019. Founded as the Government Code & Cypher School in 1919, before changing its name to Government Communications Headquarters (GCHQ) in 1946 – and it has been keeping Britain safe ever since.
Government Code and Cypher School (GC&CS) is established with intelligence and security functions
An emergency codebook is issued to national authorities during the General Strike
Alan Turing writes a paper On Computable Numbers, proposing a universal computing machine
The first Colossus computer, the proto-computer, was created for the Newmanry section at Bletchley Park
Single national authority for communications security is established
First use of computers to generate cryptographic-material
Alvis, the first machine of the electronic era, is created and remains the workhorse for secure communications for over 30 years
GCHQ incorporates the Communications-Electronic Security Group (CESG) becoming National Technical Authority for all aspects of cryptology
Public Key Cryptography is conceived by James Ellis at GCHQ
Early malware begins to be discovered at scale. A year later, Elk Cloner spreads beyond the lab it was created in
The Morris Worm computer virus is distributed via the internet, resulting in the creation of the first Computer Emergency Response Team (CERT) in the U.S.
The concept of the World Wide Web is created by Sir Tim Berners-Lee
The BRENT Secure Telephone is introduced to provide secure communications across the whole of government
Introduction of the Government Secure Intranet (GSI), connecting UK Government computer networks
The National Cyber Security programme of £860 million is announced to deliver the ‘National Cyber Security Strategy 2011-2016’
The National Crime Agency and its National Cyber Crime Unit is launched
CERT-UK, the national computer emergency response team, is launched
The ‘National Security Strategy 2016– 2021’ is launched, confirming cyber as a top-tier threat to the UK’s economic and national security
The NCSC is created as a ‘one-stop shop’ for cyber security, uniting separate parts of government that had a role in this area, within GCHQ
The NCSC led the UK response to the global outbreak of Wannacry ransomware
The NCSC dealt
with its first 1,000 cyber incidents – a rate of more than 10 per week
GCHQ commences celebrations for its 100th anniversary and launches its second puzzle book to mark the occasion
GCHQ’s centenary events include an exhibition at the Science Museum exploring the science behind keeping the country safe, which opens in summer 2019; and the publication of its first authorised history in autumn 2019
