The UK’s cyber watchdog has revealed it foiled more cyber attacks in 2020 than in the previous three years combined with the National Health Service and vaccine research key targets for criminals.

The figures represent a massive fifteen-fold increase in the number of scams removed from the internet, a new report revealed today.

The National Cyber Security Centre, a part of GCHQ, said it had used its Takedown Service, which protects the public from scams including fake celebrity endorsement scams and bogus Covid vaccines adverts to remove more than 700,000 online scams totalling 1.4 million URLs.

The findings were contained in the fourth annual report on the NCSC’s Active Cyber Defence programme, a pioneering service which protects the UK from millions of cyber attacks and which was expanded during 2020.

One particular area of focus for the ACD last year was protecting the NHS, and the report detailed efforts to monitor for attacks that sought to harvest NHS credentials and potentially compromise critical systems. In 2020 ACD detected 122 phishing campaigns using NHS branding, compared to 36 in 2019.

Among the lures were those using the COVID-19 NHS vaccine rollout, the first of which was picked up in December. Others included fake or unofficial copies of the NHS Test and Trace mobile app, with the removal of 43 instances of NHS apps hosted and available for download outside of the official Apple and Google app stores.

The report was released ahead of the NCSC’s annual CYBERUK gathering, which this year for the first time will be hosted entirely online, enabling wider participation than ever before.

A major focus for the two-day event, which begins tomorrow and features a host of expert speakers from around the world, will be on how the NCSC and cyber security industry has responded to the pandemic.

The NCSC response included the introduction of the hugely successful Suspicious Email Reporting Service, a new feature of the ACD programme launched in April 2020 which received nearly 4 million reports of suspect emails from members of the public last year alone.

The organisation also worked with allies to call out hostile state activity and last year exposed Russian attacks on coronavirus vaccine development.

And to help ensure young people were able to continue learning valuable cyber security skills the NCSC moved its CyberFirst courses online for the first time, leading to record numbers of sign-ups.

Lindy Cameron, NCSC CEO, said: “As the cyber security community prepares to gather for CYBERUK, the ACD report offers a helpful insight into just some of the ways the NCSC has adapted to protect the UK during the pandemic.

“Whether it has been protecting vital research into the vaccine or helping people work from home securely, the NCSC has worked with partners to protect the digital homeland during this unprecedented period.”

“The ACD programme is truly a collaborative effort, and it’s thanks to our joint efforts with partners both at home and internationally that we’ve been able to significantly ramp up our efforts to protect the UK,” added Dr Ian Levy, Technical Director of the NCSC. “This has never been more important than in the last year, where it was vital for us to do everything we could to protect our most critical services and the wider public during the pandemic.

“The bold defensive approach taken by the ACD programme continues to ensure our national resilience and so I urge public bodies, companies and the general public to sign up to the services available to help everyone stay safe online.”

Introduced by the NCSC in 2016, the ACD programme includes a number of services which are designed to protect the UK from different online threats. Services include Mail Check, Web Check, Protective DNS, Exercise in a Box and the Suspicious Email Reporting Service.

Other key figures and findings for 2020 from the ACD Fourth Year report included:

• More than 11,000 UK-government-themed phishing campaigns were taken down – more than double the 2019 figure.
• The Suspicious Email Reporting Service was launched in April 2020, and received nearly 4 million reports by year-end, leading to the removal of over 26,000 scams not previously identified by the Takedown Service. The latest figures can be found on the NCSC website.
• The most phished UK government brand was Her Majesty’s Revenue and Customs (HMRC).

The report also comes ahead of the launch of a new online service which alerts organisations to potential cyber attacks affecting their networks.

The new Early Warning service is designed to help organisations defend against cyber attacks by providing timely notifications about possible incidents and security issues and will be launched during CYBERUK.

The National Cyber Security Centre, a part of GCHQ, said it had used its Takedown Service, which protects the public from scams including fake celebrity endorsement scams and bogus Covid vaccines adverts to remove more than 700,000 online scams totalling 1.4 million URLs.