Tag: NCSC

  • UK Launches New Software Security Code of Practice Amid Rising Cyber Threats

    As the global cybersecurity landscape becomes increasingly fraught with challenges, the United Kingdom has taken a significant step forward in software security initiatives. On May 7, the National Cyber Security Centre (NCSC) and the Department of Science, Innovation, and Technology introduced a voluntary Software Security Code of Practice aimed at establishing baseline security protocols for software development. This initiative comes at a crucial time, as threats targeting software supply chains continue to rise.

    The Code of Practice includes 14 essential principles categorized into four main themes: secure design and development, build environment security, secure deployment and maintenance, and effective communication with customers. Notably, the NCSC emphasizes that software vendors carry the responsibility for ensuring security throughout the development lifecycle, which includes safeguarding third-party components. These principles aim to bolster transparency regarding legacy software and significant incidents that could affect users, as highlighted by the NCSC’s official blog.

    Senior leaders in software organizations are now urged to prioritize security measures and enforce these guidelines across their teams. The NCSC suggests that employees gain formal qualifications and receive training in secure coding standards, ensuring a culture of security within software development environments. Despite these efforts, critics argue that the technology market’s focus on growth often comes at the expense of security, leading to a troubling gap in the development of secure products.

    This new Code of Practice is part of an ongoing government strategy to enhance cybersecurity across the UK over the past decade. Previous frameworks, such as the 2018 Code of Practice for Consumer IoT Security and the Product Security and Telecommunications Infrastructure Act, have laid crucial groundwork for raising security standards in device development. Advocates like Beau Woods, a cyber safety expert with I Am the Cavalry, stress that the acknowledgment of these principles signifies a shift towards making security practices the norm rather than the exception.

    While the Software Security Code of Practice marks significant progress toward a more secure software environment, its voluntary nature raises questions about its effectiveness. Industry experts, including Tony Anscombe of ESET, acknowledge the absence of regulatory mechanisms that would compel compliance. Many existing principles, such as those outlined by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST), operate on a similarly voluntary basis, which raises the question of whether self-regulation alone can keep pace with rapidly evolving cyber threats. Continued advocacy from government and industry stakeholders will be crucial in ensuring that these standards are not only adopted but also effectively implemented.

    Looking ahead, the success of this initiative hinges on widespread adoption and the establishment of a culture of accountability in software development. If embraced broadly, the fundamental principles outlined in the Code could address significant vulnerabilities throughout the software life cycle. Discussions about the potential for a certification scheme based on these guidelines suggest that future steps could further solidify these practices within the industry.

  • UK National Cyber Security Centre Reports Surge in Significant Cyber Incidents

    The UK National Cyber Security Centre (NCSC) has reported a dramatic increase in the number of “nationally significant” cyber incidents, with over 200 such incidents managed from September 2024 to May 2025. This figure represents twice the number of incidents compared to the same timeframe last year, according to NCSC CEO Richard Horne during his keynote address at the CYBERUK conference in Manchester.

    The NCSC categorizes nationally significant cyber events as those with a substantial impact on the UK, affecting medium-sized organizations or posing considerable risks to larger entities and government operations. The rise in incidents aligns with confirmed ransomware attacks impacting major UK retailers like Marks & Spencer, Harrods, and Co-op, which have faced operational disruptions due to these threats.

    During the conference, Chancellor of the Duchy of Lancaster, Pat McFadden, highlighted alarming statistics from the NCSC’s 2024 Annual Review, revealing nearly 2,000 reports of cyber-attacks last year, with 89 classified as nationally significant, including 12 critical incidents. This marked a threefold increase in severe attacks compared to 2023, escalating concerns about the continuing threats posed by malicious cyber activities.

    In addition, Horne underscored that hostile nation-states operate within a “grey zone” that exists between peace and war, using cyber-attacks to achieve disruptive objectives while maintaining plausible deniability. He identified China as the primary threat to the UK cyber landscape, with the Chinese Communist Party leveraging vast capabilities. The NCSC has also noted increased cyber espionage activities from Russia, particularly as geopolitical tensions rise concerning Ukraine, demonstrating a worrying convergence of cyber and physical attacks against UK interests.

    As ransomware continues to be a persistent risk, Horne supports the Home Office’s proposed ban on ransom payments in the public sector, asserting the need for a future where paying ransoms is not an option. He described the threat of ransomware as possibly the most pressing challenge the UK faces in cybersecurity today.

  • UK Legal Aid Agency Investigates Potential Cybersecurity Breach

    The Legal Aid Agency (LAA), an executive agency of the UK’s Ministry of Justice, is currently investigating a cybersecurity incident that has raised concerns about the potential exposure of sensitive financial information. The attack has prompted the agency to warn approximately 2,000 legal aid providers—including barristers, solicitor firms, and non-profit organizations—about the risks associated with their payment details possibly being compromised.

    In an official letter sent to the affected law firms, the LAA stated it could not confirm whether any data had actually been accessed. However, the acknowledgment of risks came in light of reports from Sky News, indicating that the security of payment information might have been affected. The agency expressed its urgency in addressing this situation, mentioning that they are taking steps to mitigate any potential harm.

    The investigation is being conducted alongside the UK’s National Crime Agency (NCA) and the National Cyber Security Centre (NCSC), both of whom are offering support to the LAA in understanding the extent of the threat. An NCA spokesperson confirmed that they are actively examining the cybersecurity incident while working collaboratively with relevant partners from the Ministry of Justice.

    This breach occurs against the backdrop of a series of high-profile cyberattacks on UK retailers, including Co-op, Marks & Spencer, and Harrods. These incidents have led to increased scrutiny of cybersecurity measures across various sectors, prompting the NCSC to issue guidance encouraging all UK organizations to enhance their defenses amidst growing threats. The NCSC has called recent events a ‘wake-up call’ for businesses to remain vigilant and proactive in their security protocols.

  • UK Cyberattacks on Retail Sector Highlight Security Vulnerabilities

    The United Kingdom’s National Cyber Security Centre (NCSC) has sounded the alarm over a series of cyberattacks affecting notable retail chains in the country, describing the situation as a “wake-up call” for businesses to bolster their cybersecurity measures. Following a string of incidents targeting major players in the retail sector, the NCSC has emphasized the importance of adequate defenses to protect against similar threats in the future.

    As part of its response to these increasing threats, the NCSC, which operates under the auspices of the GCHQ intelligence agency, is collaborating with impacted organizations to determine the full scale and nature of the attacks. Dr. Richard Horne, CEO of the NCSC, noted that the disruptions pose serious risks not just to the businesses involved, but also to their customers and the general public. He urged all organizations to adopt recommended precautions found on the NCSC website to enhance their resilience against cyber threats.

    Amid this turmoil, the UK House of Commons’ Business and Trade Committee has summoned executives from major retailers including Marks & Spencer and Co-op to discuss whether they have received adequate support from relevant governmental bodies, including the NCSC and the National Crime Agency.

    The recent escalation in cyber threats presents a clear and alarming picture of the current state of digital security within the retail sector. Reports indicate that luxury department store Harrods was targeted on May 1st, following incidents affecting Co-op and Marks & Spencer in the preceding weeks. Harrods has initiated precautionary measures, including restricting access to certain websites, while it assesses the situation.

    Co-op also disclosed a security incident that triggered shutdowns of some IT systems as a precautionary measure against hacking attempts. Meanwhile, Marks & Spencer confirmed that its systems were compromised in a ransomware attack attributed to the notorious group Scattered Spider, causing disruptions in online ordering and contactless payment systems. The repercussions of these incidents underscore the pressing need for heightened vigilance and readiness within the retail landscape.

  • Harrods Confirms Cyberattack as UK Retailers Face Rising Threats

    Harrods, the renowned luxury retailer, has acknowledged an attempted cyberattack on its systems, becoming the third major UK retailer to report such an incident within a fortnight. The company issued a statement indicating that, similar to an earlier attack on Co-op, the breach may not have succeeded.

    In its communication to The Register, Harrods stated, “We recently experienced attempts to gain unauthorized access to some of our systems.” The firm assures its customers that all its stores, including those located in Knightsbridge, H beauty shops, and airport venues, remain operational despite the security concerns. Harrods refrained from commenting on specific safety measures taken, such as restricting internet access.

    The ongoing cyber challenges faced by Harrods follow similar incidents at M&S and Co-op, which have yet to determine if ransomware was involved in the breaches. Reports allege that Scattered Spider, a known affiliate of ransomware operations, could be linked to these attacks. Will Thomas, a threat intelligence expert and SANS instructor, has urged UK retailers to enhance their cybersecurity defenses.

    Richard Horne, CEO of the UK’s National Cyber Security Centre (NCSC), has publicly commented, stating that the wave of cyberattacks should serve as a wake-up call for all organizations. He emphasized the NCSC’s commitment to assisting affected retailers and stressed the urgency for businesses to adopt protective measures against such attacks.

    While links between the recent cyberattacks on these retailers remain unclear, experts are closely monitoring the situation. The NCSC continues to work with affected organizations to provide advice and support as the retail sector grapples with these escalating cyber threats.