The UK’s National Cyber Security Centre has released its annual review for 2019 which sets out cybersecurity trends and looks at how the agency has been protecting consumers and businesses.
One of the most interesting findings is the list of most hacked passwords. ‘Superman’, exposed 333,139 times, and ‘blink182’, exposed 285,706 times, top the lists for fictional characters and musicians respectively. If you are a soccer fan, ‘liverpool’, exposed 280,723 times, is not a good password choice. But it’s old favorite ‘123456’, exposed more than 23 million times, that’s top overall.
Another interesting feature of the report is the NCSC’s pioneering Haulster operation, which has disrupted financial cyber crime by flagging fraudulent intention against more than one million stolen credit cards. This has allowed the banks to take action before cybercriminals actually tried to use the cards. The NCSC is in the process of scaling this operation and hopes to reduce considerably more attacks in the near future.
It also highlights the success of the Active Cyber Defence (ACD) scheme, an interventionist approach that helps prevent attacks thanks to things like the Takedown Service, which finds malicious sites and sends notifications to the host to get them removed.
Over the past year the NCSC has handled 658 cyber incidents, with support provided to almost 900 victim organizations, prevented more than 177,000 malicious phishing attacks, produced 154 threat assessments for a range of sectors, and delivered, along with sector and law enforcement partners, cyber security awareness and training sessions to more than 2,700 charities.
“This review gives a real insight into the breadth of outstanding work done by the NCSC and underlines why we are a world leader in cyber security,” says NCSC chief executive Ciaran Martin. “From handling more than 600 incidents — many from hostile nation states — to equipping the public with the tools they need to stay safe online, we are employing our expertise on a number of fronts.”
The report does raise concerns about people’s ability to stay safe online, however. “Worryingly, the NCSC report discovered that only a third of British people know how to protect themselves from cyber breaches, highlighting the lack of public education with regards to security. Passwords are the weak link, and organizations must have an obligation to protect their customers and provide the safest methods of authentication,” says Jason Tooley, chief revenue officer at digital ID specialist Veridium. “Eliminating the password from user authentication is more easily achieved with the adoption of biometrics, as this negates the risk of phishing. Transitioning to a passwordless approach does not mean using a biometric in isolation, still using PINs or replaying passwords in the background; you need to remove passwords in their entirety across all factors of authentication.”