In 1919, the British government established the Government Code and Cypher School (GC&CS) which, with the help of cryptanalyst Alan Turing, decrypted Enigma-coded messages during the WW II. Some estimates suggest the code breakers at Bletchley Park saved up to fourteen million lives by shortening the war by two years.
In 1946, GC&CS became The Government Communications Headquarters (GCHQ), which currently employs more than 5,000 people. One of the departments within GCHQ is The National Cyber Security Centre (NCSC). It is their task to protect essential services from computer hackers. Their mission statement is “to help protect our critical services from cyber attacks, manage major incidents, and improve the underlying security of the UK Internet through technological improvement and advice to citizens and organisations”.
They provide a handy cybersecurity checklist on their website that includes details of firewalls, 2FA, and antivirus protection against malware. The emphasis for NCSC is to protect services like the NHS and businesses from attack, but it’s also a useful source of information for individuals who are new to crypto. NCSC published a 28-page report April 10, 2018, detailing the cyber attacks faced by the UK in the previous 12 months. It’s an annual report and the latest one covers:
- WannaCry – NHS compromised May 2017
- Phishing – Dublin Zoo lost $600,000
- Mandate fraud – costs British business over £30 million each
- Data breaches of Yahoo, Uber, and Equifax
- Internet of Things (IoT) security
- CPU vulnerabilities – Meltdown and Spectre
- Supply chain attacks – MeDoc and CCleaner
- UK parliament – unauthorized email access
The section on cryptojacking references an article which states 55% of businesses worldwide were affected by cryptominers. It adds that, although cryptojacking is mainly carried out by cybercriminals, it is also used by websites as an income stream in place of conventional advertising. Ad blockers are becoming increasingly popular, so some websites argue they need readers to compensate them by mining for cryptocurrencies. If the website makes it clear that visitors to the site will be using their CPU to help finance the site, it’s not an unreasonable request. However, is would certainly be frowned upon if it’s done without the consent of the user.
A review carried out in February 2018 established that there were 4,000 websites worldwide, including 600 in the UK, that were secretly mining for crypto. The sites were using a modified screen-reading plugin used by blind and partially sighted people. The NCSC recommends using an ad blocker together with antivirus software that includes mining prevention features.
Financial analyst, smartphone app designer, technical writer, and crypto enthusiast. Blockchain verified graduate of MOOC 9, DFIN-511: Introduction to Digital Currencies, run by the University of Nicosia.