Several official reports from law enforcement agencies detailing arrests and takedowns of major cybercrime operations have been released in recent weeks across the UK and globally.

As the threat to the UK continues to evolve, the Government is also making a consistent effort to expand and enforce cybersecurity laws and improve defences.

Examples of reported takedowns include:

• an international operation that led to the arrest of 975 suspects related to financial cybercrime
• UK police arresting the administrator and more than 100 users of the ‘iSpoof[.]cc’ cyber fraud website
• a month-long anti-fraud crackdown across Europe leading to the arrest of 59 suspected scammers
• Canadian law enforcement officials arresting a dual Russian and Canadian national in October who was accused of participating in LockBit ransomware attacks against targets across the world

Government bodies and law enforcement agencies are also making significant changes to how they proactively approach cyber security.

On November 30, a statement was published stating that the UK’s cybersecurity laws will be updated to require outsourced IT providers to meet security standards.

Known as the Network and Information Systems (NIS) Regulations, the laws will be strengthened to protect essential and digital services against increasingly sophisticated and frequent cyber-attacks both now and in the future.

On November 9, the UK Government also released details of a new National Cyber Advisory Board that had taken place for the first time to discuss how they will protect and promote the UK’s interests in the cyberspace.

This includes making the UK prepared for evolving threats and risks and using cyber capabilities to protect the public against crime, fraud, and hostile state threats.

The National Cyber Advisory Board will meet every quarter, with the next meeting expected in the first quarter of 2023.

While the UK’s cyber security defences are improving, earlier this month, the National Cyber Security Centre (NCSC) published its annual review, which stated the cyber security threat to the UK has evolved significantly over the past year.

It is imperative that UK organisations continue to stay up to date with the evolving threat landscape and adopt a defence in depth approach. Further details from the NCSC can be found here.

Reporting

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).