The threat of cyber attacks seems to be ever increasing. Every day in the press, another attack makes the headlines. Whether it be some teen hacking a national mobile provider, or a state actor attacking an international governing body – cyber attacks are a very real problem.
What do not often make the headlines though, are those behind-the-scenes organisations working tirelessly to help stop attacks, help manage ongoing incidents, or just sharing good advice.
In this blog, I shall showcase some of those unsung heroes and heroines helping the UK to become the world’s safest place to conduct online business.
The UK’s authority on cyber security. A part of GCHQ, the NCSC brings together a number of existing bodies under one roof:
- CESG - The UK’s authority on Information Assurance
- CPNI - The UK’s authority for protective security advice to the UK national infrastructure
- CERT-UK – The UK’s national computer emergency response team
- CCA – The Centre for Cyber Assessment
The NCSC website offers a wealth of information, guidance, and advise on all manner of cyber security related topics whether you are an individual, an SME, a large organisation, or national infrastructure provider – you will find valuable information within their pages.
A small sample of the advice on the NCSC site includes:
- The 10 Steps to cyber security – advice for business on how to secure infrastructure and data
- NIS guidance for operators of essential services
- Cyber Security: Small business guide
- Cyber Essentials – A Government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber attacks
- Various guidance for customers/users of sites that have suffered data breaches (British Airways, Reddit, CarPhone warehouse, etc.)
- Advise on how to detect and defend against Phishing attacks
- Advise on BYOD
- Password guidance
The NCSC produce a weekly threat report which contains information about the latest threats along with numerous blogs and reports into specific cases. NCSC also have a great twitter channel @ncsc
The NCA is the UK's lead agency against organised crime; human, weapon and drug trafficking; cyber crime; and economic crime that goes across regional and international borders, but can be tasked to investigate any crime.
Much of the work done by the NCA with respect to cyber crime is done via the NCCU (National Cyber Crime Unit). The NCCU leads the UK’s response to cyber crime, supports partners with specialist capabilities and coordinates the national response to the most serious of cyber crime threats.
Working closely with the Regional Organised Crime Units (ROCUs), the MPCCU (Metropolitan Police Cyber Crime Unit), partners within Industry, Government and International Law Enforcement, the NCCU has the capability to respond rapidly to changing threats.
Action Fraud is the UK’s national reporting centre for fraud and cybercrime where you should report fraud if you have been scammed, defrauded or experienced cyber crime in England, Wales and Northern Ireland.
Action fraud is operated by the City of London Police and is the point of contact for reporting cyber crimes. Action fraud do not investigate any reported crimes, that responsibility falls under the remit of the National Fraud Intelligence Bureau (NFIB). The NFIB assess every report received via action fraud and ensure that each case is dealt with by the correct team(s).
Cyber crimes can be reported via the Action fraud website where you have to create an account – this allows for you to track the progress and update your case or by telephone on 0300 123 2040
Get Safe Online is a public / private sector partnership supported by HM Government and leading organisations in banking, retail, internet security and other sectors.
The website is the UK’s leading source of unbiased, factual and easy-to-understand information on online safety and is a unique resource providing practical advice on how to protect yourself, your computers and mobiles device and your business against fraud, identity theft, viruses and many other problems encountered online.
Cyber Aware (formerly Cyber Streetwise) aims to drive behaviour change amongst small businesses and individuals, so that they adopt simple secure online behaviours to help protect themselves from cyber criminals, such as installing the latest software and app updates, or using a strong, separate password for your email. This is based on expert advice from the NCSC.
Cyber Aware is a cross-government awareness and behaviour change campaign delivered by the Home Office in conjunction with Department of Culture, Media & Sport alongside the NCSC, and is funded by the National Cyber Security Programme in the Cabinet Office
One of the biggest areas of cyber crime involves financial fraud or theft. Most banking websites now have useful advice pages for customers to help reduce the chances of being affected by such crimes.
Phishing attacks are a major way for people to get their accounts compromised. Every major financial institute has an email address where you can forward suspect phishing emails for them to investigate. The list below identifies some of those email inboxes.
- Natwest - email@example.com
- Barclays - firstname.lastname@example.org
- HSBC - email@example.com
- Lloyds / Halifax - (Lloyds) 0800 917 7017 (Halifax) 0345 602 2160
- Co-op - firstname.lastname@example.org
- Paypal - email@example.com
Hopefully, this short blog has enlightened you to the vast array of professionals who work to make your line activities safe and secure.
QA deliver hundreds of cyber security courses from basic cyber hygiene advice, to more advanced courses covering incident response and penetration testing. See our website for more details - cyber.qa.com
After leaving a career as a mechanical and electrical engineer in 1998, Mark started out with a fresh career as an IT trainer. Spending the first few years as an applications trainer, Mark excelled in delivering Microsoft Office and Adobe products. In line with his background as an engineer, Mark soon shifted focus to more technical deliveries, including hardware and networking topics, a field he has remained in ever since.
As a natural progression of his career, Mark started to explore the security aspect of his existing competencies and since 2005 has specialised in the cyber security domain. Mark has been the author of a number of QA cyber security courses and was the design authority and author of the 2017 NCSC Cyber First Academy. Mark is a C|EH, a Certified EC-Council Instructor, and a CISSP.
More articles by Mark
Massive cyber attack on US government and companies underway
Pi-Hole: The DIY ad-blocker & malware defender all in one box
What is ethical hacking?
Mac attack! Apple malware on the rise
How random is random?
Sometimes an attack might be right in front of your eyes!
Denial of Service attack for iOS devices
Safer Internet Day 2019