Intended Audience for This Guidance This information is directed towards customers of Dixons Carphone plc and its main brands in the UK, specifically Currys PC World and Carphone Warehouse, as the National Cyber Security Centre (NCSC) collaborates with them to investigate a data breach. Overview of the Incident On June 13, 2018, Dixons Carphone plc…
Individuals frequently approach the NCSC to inquire whether it is advisable to use password managers (also known as password vaults). They ask questions about which password managers are recommended, who should utilize them—be it private individuals, small businesses, or large corporations—and the appropriate methods for using them. Furthermore, many wonder if it is secure to…
The National Cyber Security Centre (NCSC) is actively collaborating with organizations and partners throughout the UK that have been impacted by the ransomware known as ‘WannaCry’. This page provides guidance for home users and small businesses looking to decrease the risk of falling victim to WannaCry or other forms of ransomware. This guidance will be…
Many individuals inquire with the NCSC about the appropriateness of utilizing password managers (also referred to as password vaults). They wonder whether password managers are suitable for everyone – private citizens, small businesses, or large enterprises. Additionally, questions often arise regarding the safest methods to use these tools. Is it secure to store all essential…
When selecting a password, a reputable site typically doesn’t save it in a directly readable format. Instead, it undergoes a sophisticated mathematical transformation known as ‘hashing’. This process converts the plaintext password into an unreadable string referred to as a password hash, which the website securely retains. The remarkable aspect of hashing is its resistance…
Welcome to the newly established National Cyber Security Centre by GCHQ. What is our purpose? In recent years, GCHQ has made significant strides in the realm of cyber security. Collaborating with colleagues across the intelligence community, law enforcement, various governmental bodies, international partners, and the essential private sector, we have heightened awareness of cyber threats,…
We have recently shared the United Kingdom’s methodology for addressing vulnerabilities discovered in various technological systems. To clarify, the UK intelligence community, including the National Cyber Security Centre (NCSC), conducts vulnerability research aimed at identifying security flaws across a range of technologies, from commonly used devices to highly specialized equipment. Upon identifying a security vulnerability,…
As the National Cyber Security Centre (NCSC), our goal is to create a comprehensive suite of services that assist organizations in safeguarding against cyber threats. Some services we provide directly, leveraging our unique position, while others are offered through industry partners under NCSC assurance. We continuously evaluate the services we provide and aim to transition…
The annual DSIT workforce survey continues to highlight a significant cyber security skills gap within many organizations. While the government focuses on long-term strategies to close this gap, the NCSC provides a variety of digital and industry cyber services to assist organizations in safeguarding their data. In-House or Outsourced Cyber Security? Many organizations opt to…
This month marks a significant achievement in the realm of post-quantum cryptography (PQC) with the publication of three new algorithm standards (ML-KEM, ML-DSA, SLH-DSA) by NIST, the national standards organization of the United States. The NCSC has updated our PQC white paper to acknowledge this milestone. While the core technical messages of the document remain…
