UK cybersecurity center sent 33 million alerts to companies

The NCSC (National Cyber Security Centre) in the UK reports having served 33 million alerts to organizations signed up for its “Early Warning” service. Additionally, the government agency has dealt with a record number of online scams in 2021, removing more than 2.7 million from the internet.

The myriad schemes targeted by the NCSC include fake celebrity endorsements for cryptocurrency giveaways, COVID-19-related campaigns, bogus extortion emails impersonating the NCSC or other national law enforcement bodies, and fake parcel delivery notices.

Fighting back against scammers was made possible thanks to an upgrade of the Active Cyber Defense (ACD) program in 2021 to help tackle emerging threats.

A record year

The NCSC says the record number of online scams identified and removed is the result of expanding the defenses and not as much seeing an uptick in scam activities.

“The rise reflects the expansion of NCSC services to take down additional malicious online content, such as fake celebrity endorsement scams, rather than an increase in scams overall,” explains NCSC's announcement.

“The work has been complemented by reports from the public of suspicious emails, texts, and websites, which have enabled the NCSC to remove even more scams.”

More specifically, the agency detected and removed over 1,400 NHS-themed phishing campaigns in 2021, which is 11 times higher compared to 2020's numbers.

Another notable case of mass takedowns is that of the Flubot malware for Android devices, which is distributed to smartphone users via “missed delivery” SMS. The NCSC put a brake on its proliferation by blocking over 1.2 million domains linked to it.

As for the scams blocked in 2021 overall, the 2.7 million figure is four times higher than the corresponding number of scams detected and stopped in 2020.

Early Warning

Maybe NCSC’s most important work for 2021, though, was the growth of the Early Warning service, which by the end of the year counted 4,600 customers.

On average, the service flagged 90,410 events daily, indicating that something potentially malicious was detected on a customer’s system.

The Early Warning service sends alerts in the following three cases:

• A system has been actively compromised by malware.
• There are indicators of potential abuse, such as aggressive network scanning.
• There are vulnerable services and open ports exposed to the internet.

For more details on registering for the Early Warning service, check out this webpage.

Finally, the NCSC invites everyone to attend this year’s CYBERUK conference online and watch keynote speeches on its YouTube channel. The conference will focus on crucial cybersecurity topics like Russia’s invasion of Ukraine, while interactive workshops will be offered too.