GCHQ-linked cyber agency fights hundreds of hacks, warns 'further attacks will happen'

In October last year, a new offshoot of British intelligence became operational. Ever since, computer security experts at the National Cyber Security Centre (NCSC), based in the heart of London, have been kept busy – working to help resolve more than a thousand incidents.

A total of 1,131 incidents to be exact, according to a new report released this week (3 October) by the agency. Of those, 590 were classified as "significant".

The NCSC is a fork of British intelligence agency GCHQ, which hit the headlines back in 2013 as a result of the Edward Snowden NSA revelations.

The unprecedented leak of secrets exposed GCHQ's surveillance capabilities, revealing it collected text and call data of innocent civilians in the UK without parliamentary oversight.

In the wake of the chaos, the clandestine spy agency worked hard to recover from the bad press.

The creation of the NCSC, which didn't carry the same weighty baggage as its bigger brother, was likely a key part of that effort. It's different, but unashamedly linked.

In the past 12 months, its cyber team jumped into action on several occasions – including an attempted hack on parliamentary emails and the global "WannaCry" malware outbreak, which took parts of the National Health Service (NHS) offline.

Ciaran Martin, the chief executive of the NCSC, said: "We're incredibly proud of what we have achieved in our first year at the National Cyber Security Centre.

"The threat remains very real and growing – further attacks will happen and there is much more for us to do. We look forward to working with our partners [...] in the year ahead."

The report released this week was largely self-congratulatory in tone, claiming that a scheme known as Active Cyber Defence was able to block "millions of attacks every week" and that "the average time a phishing site is online from 27 hours to just one hour".

It branded the WannaCry incident as "the biggest test of the year".

Jeremy Fleming, director of GCHQ, said: "In an increasingly digital world, cyber is playing an ever more important part in our daily lives and in the UK's approach to security.

"The threats to the UK are evolving rapidly as technology advances. Our response has been to transform to stay ahead of them. The NCSC is a pivotal part of that transformation."

There will always be more to do, the agency bosses said. Industry players agreed.

Worryingly, president of cybersecurity firm Corero, Andrew Lloyd, said that his firm had discovered "more than one third" of UK national critical infrastructure companies have not completed basic cybersecurity standards issued by the government. He refused to name and shame, however.

"More needs to be done to protect the UK against cyberattacks," Lloyd asserted.

Rob Norris, cyber chief at Fujitsu, said: "In today's world, cybercrime is inevitable." He added: "It is worrying to see the UK suffers nearly two significant cyberattacks every day. With data fast becoming the new currency, any organisation that holds information is a target."

It has been a busy year – but this government agency is only getting started.