Support 110 years of independent journalism.

  1. Spotlight
  2. Cybersecurity
11 April 2018updated 24 Jun 2021 12:23pm

NCSC and UK law enforcement launch new cyber attack guidelines

UK cyber breaches are being sorted into six detailed types of incident.

By Rohan Banerjee

The National Cyber Security Centre (NCSC) and UK law enforcement have drawn up a new categorisation brief for cyber attacks that will help them to coordinate and streamline their responses depending on the nature of the incident.

The previous NCSC guidelines around cyber breaches – split into just three types of incident – have now been broadened to cover six detailed classifications instead.

A Category One attack on the new brief, for example, constitutes a “national cyber emergency”. This would necessitate strategic leadership from the Cabinet Office, tactical cross-government coordination by NCSC, working closely with the police.

A Category Three attack, meanwhile, is now considered a “significant incident” and relates to a large organisation or local government, or the delivery of essential UK services. The response to this sort of attack would be typically led by the NCSC itself.  

A more moderate Category Six breach or “localised incident”, however, relates to a cyber attack on an individual or preliminary indications of an attack against a small or medium-sized business. Category Six breaches may be handled by an online Automated Protect advice or a localised response by the police.

Select and enter your email address Your new guide to the best writing on ideas, politics, books and culture each weekend - from the New Statesman. A quick and essential guide to domestic politics from the New Statesman's Westminster team. A weekly newsletter helping you understand the global economic slowdown. The New Statesman’s weekly environment email. Stay up to date with NS events, subscription offers & updates.
  • Administration / Office
  • Arts and Culture
  • Board Member
  • Business / Corporate Services
  • Client / Customer Services
  • Communications
  • Construction, Works, Engineering
  • Education, Curriculum and Teaching
  • Environment, Conservation and NRM
  • Facility / Grounds Management and Maintenance
  • Finance Management
  • Health - Medical and Nursing Management
  • HR, Training and Organisational Development
  • Information and Communications Technology
  • Information Services, Statistics, Records, Archives
  • Infrastructure Management - Transport, Utilities
  • Legal Officers and Practitioners
  • Librarians and Library Management
  • Management
  • Marketing
  • OH&S, Risk Management
  • Operations Management
  • Planning, Policy, Strategy
  • Printing, Design, Publishing, Web
  • Projects, Programs and Advisors
  • Property, Assets and Fleet Management
  • Public Relations and Media
  • Purchasing and Procurement
  • Quality Management
  • Science and Technical Research and Development
  • Security and Law Enforcement
  • Service Delivery
  • Sport and Recreation
  • Travel, Accommodation, Tourism
  • Wellbeing, Community / Social Services
Visit our privacy Policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications.

According to the NCSC, the move to the new framework, which is effective immediately, will improve consistency and speed in incident responses, making better use of resources and ultimately leading to more victims of cyber crime receiving support.

Content from our partners
To truly tackle regional disparities, we need a new type of devolution
How smart meters helped a business thrive
The case for sustainable thematic investing

The NCSC, a dedicated arm of GCHQ, has dealt with more than 800 significant cyber attacks since October 2016, and the organisation’s director of operations Paul Chichester is confident that the more in-depth framework will only improve already elite security protocol.

Chichester said: “This new joint approach, developed in partnership with UK law enforcement, will strengthen the UK’s ability to respond to the significant, growing and diverse cyber threats we face.”

National Police Chiefs’ Council Lead for Cyber Crime, Chief Constable Peter Goodman, added: “Sharing a common lexicon enables a collaborative understanding of risk and severity that will ensure that we provide an effective, joined-up response. This is good news for the safety of our communities, business and individuals.”

The NCSC’s new framework covers cyber incidents in all aspects of the economy, including central and local government, industry, charities, universities, schools, small businesses and individuals.

Any cyber attack which may have a national-level impact, for instance, should be reported to the NCSC immediately. This includes cyber attacks which are likely to harm UK national security, the economy, public confidence, or public health and safety, such as the WannaCry ransomware attack on the NHS.

Depending on the incident, the NCSC may be able to provide direct technical support. The NCSC also provides comprehensive guidance and advice on its website for companies or individuals in need.

People or businesses suffering from a cyber attack below the national impact threshold should contact Action Fraud, UK’s national fraud and cyber crime reporting centre, who will respond in accordance with the new incident categorisation.

Topics in this article :