UK under serious risk of harm as 200 major incidents detected per month
Successful attack just a matter of time, says Ciaran Martin, CEO of National Cyber Security Centre
More than 200 "national security-level cyber incidents" per month are logged by the authorities, and the National Cyber Security Centre (NCSC) has warned that it is only a matter of time before one causes serious damage.
Ciaran Martin, CEO of the newly established NCSC, revealed that cyber attacks against the nation are now a regular occurrence during his first public address at the Billington Cyber Security Summit in Washington.
"In the UK we've faced and continue to face some very serious cyber attacks.
Fortunately, these attacks have so far been unsuccessful, but it is just a matter of time before one achieves its ends," he said.
"Unlike some of our allies, there has not yet been a single stand-out incident of a hostile foreign cyber attack that's resonated as a first-order national crisis with the public and media."
However, the frequency of all types of cyber attack is increasing, he went on.
"Last year we detected twice as many national security-level cyber incidents - 200 per month - than we did the year before."
Martin noted that many attacks are "not terribly sophisticated" and can be stopped easily with the right systems in place. But this is not always the case, and he cited the TalkTalk hack in November 2015 as an example.
"Far too many of these basic attacks are getting through. And they are doing far too much damage. They're damaging our major institutions," he explained.
"A British telco hit the headlines last year and the initial speculation was around a highly sophisticated attack. But it is now believed to have been an SQL injection, a basic technique dating from the end of the last century."
The NCSC is looking at ways to protect the nation better and go after those behind the attacks. This includes the idea of building a nationwide DNS filter, effectively a giant firewall that would seek to block content or websites through partnerships with major network firms operating in the UK.
"We're exploring a flagship project on scaling up DNS filtering. What better way of providing automated defences at scale than by the major private providers effectively blocking their customers from coming into contact with known malware and bad addresses?" Martin said.
"Now it's crucial that all of these economy-wide initiatives are private sector-led. The government does not own or operate the internet. Consumers must have a choice. Any DNS filtering would have to be opt out-based. So addressing privacy concerns and citizen choice is hardwired into our programme."
It is unclear how far along this project is or when it will be introduced, but the move is notable as an example of the top-level approach within the NCSC's remit.
Martin also revealed that the UK is looking into the "lawful and carefully governed use" of offensive cyber weapons, and that the US and UK will work together on this project.
"We work very closely with US colleagues and only last week the US secretary of defence and our secretary of state for defence signed a Memorandum of Understanding to investigate jointly the advance of offensive and defensive cyber capabilities," he said.
Martin's speech coincided with the release of a report by the National Audit Office that criticised the government for a cyber strategy that lacks coherence and has too many departments with overlapping responsibilities.