Content |
History
2023: Britain recognises weak cyber defence of national critical infrastructure
On November 14, 2023, the National Cyber Security Center of Britain (NCSC) expressed concern about the lack of security of the country's critical national infrastructure. Despite progress in building resilience in the most important IT sectors, cyber risks persist, the report said.
It is reported that threats against Britain's national critical infrastructure come from a number of states, including China, Iran and North Korea. The current geopolitical situation also has a negative impact on the information security situation. Hostile structures and cyber groups are seeking to use artificial intelligence to increase the effectiveness of attacks, it said. The NCSC and other government organizations in the country are working to assess the potential threats and risks posed by AI tools.
In the period from September 1, 2022 to August 31, 2023, a sharp increase in the number of notifications of cyber attacks received by the NCSC was recorded: the number of such messages reached 2005 against 1226 during the previous annual period. In the total number of these incidents, about 370 are considered serious, and 62 are of national importance. The largest proportion of incidents analyzed by NCSC specialists are related to the exploitation of vulnerabilities in public applications and services.
According to estimates, the cybersecurity sector of Britain in 2023 is estimated at £10.5 billion (approximately $13.1 billion at the exchange rate as of November 15, 2023). In the country, about 2,000 companies provide cybersecurity products and services. More than 58 thousand people are employed in the corresponding area, which is 5,000 more compared to 2022. In general, as noted, Britain's cybersecurity sector is growing, as is the need for highly qualified specialists.[1]
2022
British National Information Security Center recognizes scanning of all Internet devices in the country
In early November 2022, the national center cyber security Britain launched a program that will constantly scan every device connected to the Internet to the, located in, United Kingdom for vulnerabilities to help the government respond to. zero-day threats
The Cyber Security Center of Britain (NCSC), part of the headquarters of government communications, which acts as the country's technical body for combating cyber threats at the state level, reports that it launched this initiative in order to gain an idea of Britain's "vulnerability and security" based on data. A zero-day vulnerability is a term that is used to refer to security threats that are not identified during testing.
This initiative Great Britain is similar to the efforts of the National Security Administration, Norway which in 2021 was looking for evidence of the use of Microsoft Exchange vulnerabilities by users Internet in the country. The Slovenian the response unit, cyber security known as SI-CERT, also reported notifying potential victims of zero-day errors Exchange in its internet space in early 2022.
The NCSC scan will cover any system with Internet access hosted in Britain, the agency explains, and will look for vulnerabilities that are common or particularly important due to the widespread spread. The department says it will use the collected data to create an overview of Britain's exposure to vulnerabilities after they are disclosed and tracked over time. The agency also hopes that this data will help inform system owners about the state of their security on a daily basis and help Britain respond faster to incidents that are actively exploited.
Шаблон:Quote 'We are not trying to find vulnerabilities in Britain for some other, nefarious purpose... We start with a simple scan and will gradually increase the complexity of the scan, explaining what we do and why we do it, "said NCSC CTO Ian Levy. The agency explains that the information collected as a result of the scan includes any data sent when connecting to services and web servers, for example, full HTTP responses, as well as information on each request and response, including the time and date of the request and the IP addresses of the source and destination endpoints. The document notes that the requests are intended to collect the minimum amount of information necessary to verify whether the scanned object is affected by the vulnerability. If any sensitive or personal data is accidentally collected, the NCSC says it will take action to delete that data and prevent it from being recaptured in the future.
Scanning is done using tools running in a dedicated NCSC cloud environment, allowing network administrations to easily identify the agency in their logs. Organizations located in Britain can refuse to scan their servers by the government by emailing the department with a list of IP addresses that they want to exclude.[2]
British intelligence agencies offer to scan citizens' phones for illegal content
On July 21, 2022, it became known that the UK intelligence services in the field of cybersecurity - the Government Communications Headquarter (GCHQ) and the National Cyber Security Center of Great Britain (NCSC, GCHQ unit) - spoke out in support of the so-called client-side scanning technology, which checks devices and user data for illegal content.
This technology, which was proposed by Apple in the form of the NeuralHash system, is presented by its supporters as a potential means of detecting and suppressing child abuse, as well as protecting the safety and privacy of digital services.
The client-side scanning (CSS) system works with programs installed on users' phones to scan the contents of their messages and other files, usually to detect the exchange of images of violence or other illegal activities. This approach differs from server-side scanning, which requires storage and access to data from service provider systems such as Apple, Facebook, Microsoft or Google to conduct checks.
Apple announced its plan to implement NeuralHash in 2021, after which it quickly decided to postpone the technology indefinitely, attributing the delay to "feedback from customers, defense teams, researchers and others."
However, in a published analytical article, the technology received some public support from Crispin Robinson, technical director of cryptanalysis at the National Cyber Security Center (GCHQ), and GCHQ technical director Ian Levy.
In our research, we found no reason why CSS methods cannot be safely implemented in many situations that can be encountered, they said. This does not mean that more elaboration is not needed, but there are clear ways of implementation that appear to have the necessary efficiency, confidentiality and security. |
In their published paper, Levy and Robinson said they hoped the publication of the paper would "lead to a balanced and informed debate that will help shape global policy in this area."
The end of the document provides 11 conclusions and recommendations for further work, including a "practical technology demonstration" and the creation of a "assessment system that provides a common context for analyzing the impact of safety technologies."[3][4]
Notes
- ↑ NCSC Annual Review 2023
- ↑ UK government is scanning British internet space for zero-day threats
- ↑ [1] UK cybersecurity chiefs back plan to scan phones for child abuse images UK cyber chiefs see potential in controversial tech that scans phones
- ↑ [2]