7.1 million suspicious emails and URLs were flagged by UK organisations and citizens via the NCSC’s free Suspicious Email Reporting Service (SERS) between January 2022 and December 2022. That is equivalent to nearly 20,000 reports a day.
The reports, many of which came from UK businesses, contributed to the direct removal of nearly a quarter of a million (235,000) malicious URLs from the internet by the NCSC since SERS launched in April 2020.
It took less than 6 hours on average for the NCSC to remove reported malicious URLs from the internet.
The finding is one of many insights in the sixth annual report from Active Cyber Defence (ACD), a programme from the NCSC which takes a “whole-of-society" approach to cybercrime and prevents millions of high-volume cyberattacks from ever reaching UK organisations and citizens each year.
Jonathon Ellison, director for national resilience and future technology, NCSC, said, “In a cyberthreat environment that resembles the Hydra – cut down one attack, another springs up in its place – ACD is once again doing unparalleled work to keep the country safe.
“As this latest report shows, cybersecurity is not the sole preserve of tech specialists: businesses are increasingly alive to and eager to engage with the risks they face, signing up in swathes to make the most of NCSC data and expertise.
“Small businesses have a key role to play in making it safer to work and live online, which is why we’re making it even easier for them to shore up their defences with accessible, free tools and soon, to manage these effortlessly via our integrated MyNCSC platform.”