UK National Cyber Force disabled stolen credit cards and servers used by cybercriminals

Tens of millions of pounds saved by NCF actions, according to spy chief

Hundreds of thousands of stolen credit cards were blocked by hackers working for the UK's National Cyber Force (NCF), preventing "tens of millions of pounds in potential fraud" against the British economy, according to Sir Jeremy Fleming, the head of UK spy agency GCHQ.

Speaking at the National Cyber Security Centre's (NCSC) Cyber UK event in Newport, Wales, the GCHQ chief described how the NCF is collaborating with international partners to undermine cybercriminal networks by denying them access to malware and other malicious tools and preventing hackers from profiting from cybercrime.

The NCF, which was established in October 2020, is a partnership between defence and intelligence with powers to intervene directly in cybercrime cases.

Fleming said that through the NCF, the agencies are actively undermining cybercriminals' belief that they can act with impunity on the internet. He said the NCF has disrupted criminals' activities and made it clear to them that they're being watched.

"In real life this means: tens of millions of pounds in potential fraud against the UK economy avoided. Hundreds of thousands of stolen credit cards made worthless to the criminals, and countless potential victims of crime around the world with their data and accounts safeguarded," said Fleming.

He didn't elaborate on how this was accomplished but added that the NCF has already had a big impact, improving the UK's defences, fighting misinformation, aiding the military's foreign operations, and assisting law enforcement in pursuing criminal gangs.

The head of GCHQ stated that the UK must continue to focus on cybercriminals and other threat actors who are continuously changing their strategies in order to profit from illicit operations.

He also cautioned that the UK and other nations supporting Ukraine in its fight against Russia's military aggression must enhance their cybersecurity capabilities.

Fleming also emphasised the need for government-supervised cybersecurity training, to produce skilled personnel who may be assigned duties to defend companies against cyberattacks.

NCSC's email security tool

On Tuesday, the National Cyber Crime Centre, the cyber arm of GCHQ, said that it helped stop a record 2.7 million online scams in 2021, four times the previous year's total. The most prevalent frauds, according to NCSC, were celebrity impersonations and bogus extortion emails, although scammers also used several other themes, including NHS vaccinations and vaccine passports.

In one particularly bold case, hackers attempted to impersonate NCSC chief executive Lindy Cameron.

This week, the NCSC launched a new email security check tool to assist organisations discover vulnerabilities in their email domains that might allow attackers to fake emails or compromise email privacy.

The tool, which was unveiled on the first day of the CYBER UK 2022 conference, allows users to look up any email domain and see if it has implemented recommended security measures to prevent criminals from sending out harmful emails.

The Email Security Check, according to NCSC, does not require registration or personal information to use and is aimed at assisting technical teams at organisations to identify issues quickly so that they can strengthen their defences in accordance with NCSC guidance on email security and anti-spoofing.