NCSC review reveals 20% of supported incidents were linked to health

  • 23 November 2021
NCSC review reveals 20% of supported incidents were linked to health

The National Cyber Security Centre (NCSC) has revealed that 20 per cent of the incidents it supported in the past year were linked to the health sector and Covid vaccines.

The NCSC’s annual review has revealed that the organisation offered wrap-around support for 777 cyber incidents, of which 10% were attacks on coronavirus vaccine research, distribution and supply chains.

Also according to the report, the Active Cyber Defence programme has taken down 2.3 million cyber-enabled commodity campaigns, 442 phishing campaigns using NHS branding, and 80 illegitimate NHS apps hosted and available to download outside of official app stores.

Jeremy Fleming, director GCHQ, which the NCSC is a part of, said: “This year we have seen countless examples of cyber security threats: from state sponsored activity to criminal ransomware attacks. It all serves to remind us that what happens online doesn’t stay online – there are real consequences of virtual activity.

“In the face of rising cyber attacks and an evolving threat, this year’s NCSC Annual Review shows that world class cyber security, enabled by the expertise of the NCSC as part of GCHQ, continues to be vital to the UK’s safety and prosperity.”

Last year’s report highlighted 723 incidents that were handled by the NCSC, with the organisation saying the growth in the volume of incidents this year is in part as a result of its ongoing work to proactively identify threats.

The vaccine rollout and the health sector overall became an important focus for the NCSC, in order to protect the NHS, healthcare and vaccine supplier IT systems in the midst of the pandemic. Thanks to NCSC support, the University of Oxford – who were involved in conducting vaccine research – was able to protect itself from an attempted ransomware attack.

NCSCS has increased the resources available to respond to threats, including extending its Protective Doman Name System (PDNS) service to over 1,000 additional organisations operating in the health and social care sector.

Lindy Cameron, CEO of the NCSC, said: “I’m proud of the way that the NCSC has responded to what has been another hugely challenging year for the country as well all continue to navigate our way through the pandemic. The support and expertise we have provided for stakeholders from government all the way through to the general public during the pandemic has been vital to keeping the country safe online.

“Undoubtedly there are challenges ahead, but the upcoming National Cyber Strategy combined with the continued engagement from business and the public provides a solid foundation for us to continue reducing the impact of online threats.”

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

Mike Fell: ‘The evidence is that cyber attacks against the NHS have plateaued’

Mike Fell: ‘The evidence is that cyber attacks against the NHS have plateaued’

Ahead of speaking at Rewired 2025, Mike Fell, executive director of national cyber security operations at NHSE, sat down with Digital Health.
Cyber Security Bill will prevent future attacks on NHS, says DSIT

Cyber Security Bill will prevent future attacks on NHS, says DSIT

A Bill intended to improve UK cyber defences will prevent attacks similar to the ransomware attack impacting London hospitals, said the DSIT.
NHS England to adopt new cyber security framework

NHS England to adopt new cyber security framework

The National Data Guardian and NHS England have announced a new cyber resilience framework for health and social care organisations.