Advertisement
Cranfield University

News

Articles

Information

Resources

Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide
  • Home
  • /
  • Security
  • /
  • NCSC releases 2019 Active Cyber Defence report

Security

NCSC releases 2019 Active Cyber Defence report

Posted 17 July 2019
The National Cyber Security Centre (NCSC) released its Active Cyber Defence (ACD) report yesterday, revealing that a scam to defraud thousands of UK citizens using a fake email address spoofing a UK airport, was one of a wide range of cyber attacks successfully prevented by the NCSC.

Above: The National Cyber Security Centre (NCSC), Nova South, London.
Copyright Shutterstock

Details of the criminal campaign are just one case study of many in Active Cyber Defence – The Second Year, the latest comprehensive analysis of the NCSC’s world-leading programme to protect the UK from cyber attacks.

Advertisement
ODU RT

The thwarting of the airport scam was one example in 2018 of how ACD protects the public – in this case preventing potentially thousands of people ending up out of pocket.

The incident occurred last August when criminals tried to send in excess of 200,000 emails purporting to be from a UK airport and using a non-existent gov.uk address in a bid to defraud people.

However, the emails never reached the intended recipients’ inboxes because the NCSC’s ACD system automatically detected the suspicious domain name and the recipient’s mail providers never delivered the spoof messages. The real email account used by the criminals to communicate with victims was also taken down.

A combination of ACD services has helped HMRC’s own efforts in massively reducing the criminal use of their brand. HMRC was the 16th most phished brand globally in 2016, but by the end of 2018 it was 146th in the world.

Dr Ian Levy, the NCSC’s Technical Director and author of the ACD report, said: “These are just two examples of the value of ACD – they protected thousands of UK citizens and further reduced the criminal utility of UK brands. Concerted effort can dissuade criminals and protect UK citizens.

“While this and other successes are encouraging, we know there is more to do, and we would welcome partnerships with people and organisations who wish to contribute to the ACD ecosystem so that together we can further protect UK citizens.

“This second comprehensive analysis we have undertaken of the programme shows that this bold approach to preventing cyber attacks is continuing to deliver for the British public.”

Introduced by the NCSC in 2016, ACD is a bold, interventionist approach that stops millions of cyber attacks from ever happening. It includes the pioneering programmes Web Check, DMARC, Public Sector DNS and a takedown service.

The ACD technology, which is free at the point of use, intends to protect the majority of the UK from the majority of the harm from the majority of the attacks the majority of the time.

Other key findings for 2018 from the second ACD report include:

Advertisement
Security & Policing Rectangle
  • In 2018 the NCSC took down 22,133 phishing campaigns hosted in UK delegated IP space, totalling 142,203 individual attacks;
  • 14,124 UK government-related phishing sites were removed;
  • Thanks to ACD the number of phishing campaigns against HMRC continues to fall dramatically – with campaigns spoofing HMRC falling from 2,466 in 2017 to 1,332 in 2018. These figures relate to 16,064 spoof sites in 2017 and 6,752 sites in 2018;
  • The total number of takedowns of fraudulent websites was 192,256, and across 2018, with 64% of them down in 24 hours;
  • The number of individual web checks run has increased almost 100-fold, and we issued a total of 111,853 advisories direct to users in 2018.

Chancellor of the Duchy of Lancaster and Minister for the Cabinet Office David Lidington said: "The UK is safer since the launch of our cyber strategy in 2016. Over the last three years, and backed by a £1.9 billion investment, we have revolutionised the UK’s fight against cyber threats as part of an ambitious programme of action.

“The statistics and examples in this report speak for themselves. They outline the tangible impact that Active Cyber Defence is having, and how it is a key building block in improving cyber security in the UK now, and in the future.”

The new report also looks to the future of ACD, highlighting a number of areas in development. These include:

  • The work between the NCSC and Action Fraud to design and build a new automated system which allows the public to report suspicious emails easily. The NCSC aims to launch this system to the public later in 2019;
  • The development of the NCSC Internet Weather Centre, which will aim to draw on multiple data sources to allow us to really understand the digital landscape of the UK;
  • NCSC will explore developing an Infrastructure Check service: a web-based tool to help public sector and critical national infrastructure providers scan their internet-connected infrastructure for vulnerabilities;
  • NCSC researchers have begun exploring additional ways to use the data created as part of the normal operation of the public sector protective DNS service to help its users better understand and protect the technologies in use on their networks.


To read the full 2019 report, click here

 

Advertisement
Tritax leaderboard 728x90 Tritax leaderboard 728x90
New laws set to strengthen UK

Aerospace Defence Security

New laws set to strengthen UK's cyber attack defences

12 November 2025

UK hospitals, energy and water supplies, as well as transport networks, will be better protected from the threat of cyber attacks under new laws being introduced in Parliament today.

Skyports commences BlueWater 2 drone demonstrator

Aerospace Security

Skyports commences BlueWater 2 drone demonstrator

11 November 2025

Skyports Drone Services (Skyports) has commenced operations of its UK clean maritime drone demonstrator BlueWater 2, which is designed to advance green, smart shipping in the UK, supported by Innovate UK’s CMDC 6.

Boeing to display range of defence solutions at Dubai Airshow

Defence Security Events

Boeing to display range of defence solutions at Dubai Airshow

7 November 2025

Boeing will be bringing its defence and services solutions to the Dubai Airshow later this month, with the F-15 Eagle, the CH-47 Chinook, KC-46 Pegasus, AH-64 Apache and the C-17 Globemaster on static display.

BMT and Teledyne Marine to advance maritime autonomy programmes

Defence Security

BMT and Teledyne Marine to advance maritime autonomy programmes

6 November 2025

BMT has signed a Memorandum of Understanding (MoU) with The Teledyne Marine Vehicles group which includes Iceland-based Teledyne Gavia and North Falmouth, MA based Teledyne Webb Research, laying the foundation for strategic alignment and close collaboration on future projects in the maritime autonomy space.

Advertisement
Tritax 300x250
Blighter to debut radar solutions at Defense & Security event in Bangkok

Defence Security Events

Blighter to debut radar solutions at Defense & Security event in Bangkok

6 November 2025

Blighter will be showcasing its smart radars and AI-assisted BlighterNexus software in the UK pavilion at Defense & Security 2025 taking place at the IMPACT Exhibition & Convention Centre, Bangkok, Thailand from the 10th-13th November 2025.

Scotland enhances its cyber resilience

Security

Scotland enhances its cyber resilience

5 November 2025

A new ‘cyber observatory’ to help protect Scotland’s public bodies from online threats will be set up as part of a package of measures to promote the country’s cyber-security.

Advertisement
ODU RT

News

Articles

Information

Resources

© 2025 Advance - All rights reserved

Website by Silkstream

The views expressed are not necessarily those of ADS or its members. No responsibility or liability is accepted by ADS, the editorial team or the publisher for any loss occasioned to any person, legal or physical, acting or refraining from action as a result of any statement, fact, figure, expression of opinion or belief contained within this site.

Advertisement
General Atomics LB