The National Cyber Security Centre (NCSC) is investigating the implications of a vulnerability in WPA2 Wi-Fi networks known as ‘Krack’, first reported on 16 October 2017. This page offers guidance to enterprise administrators, small business owners, and home users regarding the recently identified vulnerability in their Wi-Fi networks. This information will be revised as new…
Overview This guide details the steps for enabling 2-step verification (2SV) on your vital online accounts. Implementing this feature significantly reduces the likelihood of unauthorized access, even if your password has been compromised. For IT professionals seeking guidance on broader implementation of 2SV in larger organizations, please consult the NCSC’s dedicated resource on multi-factor authentication…
Intended Audience for This Guidance This advisory is aimed at customers of Dixons Carphone plc, including its main brands in the UK, Currys PC World and Carphone Warehouse, as the NCSC collaborates with them to address a data breach incident. Summary of the Situation On June 13, 2018, Dixons Carphone plc disclosed that a review…
Intended Audience for This Guidance This information is directed towards customers of Dixons Carphone plc and its main brands in the UK, specifically Currys PC World and Carphone Warehouse, as the National Cyber Security Centre (NCSC) collaborates with them to investigate a data breach. Overview of the Incident On June 13, 2018, Dixons Carphone plc…
Individuals frequently approach the NCSC to inquire whether it is advisable to use password managers (also known as password vaults). They ask questions about which password managers are recommended, who should utilize them—be it private individuals, small businesses, or large corporations—and the appropriate methods for using them. Furthermore, many wonder if it is secure to…
The National Cyber Security Centre (NCSC) is actively collaborating with organizations and partners throughout the UK that have been impacted by the ransomware known as ‘WannaCry’. This page provides guidance for home users and small businesses looking to decrease the risk of falling victim to WannaCry or other forms of ransomware. This guidance will be…
Many individuals inquire with the NCSC about the appropriateness of utilizing password managers (also referred to as password vaults). They wonder whether password managers are suitable for everyone – private citizens, small businesses, or large enterprises. Additionally, questions often arise regarding the safest methods to use these tools. Is it secure to store all essential…
When selecting a password, a reputable site typically doesn’t save it in a directly readable format. Instead, it undergoes a sophisticated mathematical transformation known as ‘hashing’. This process converts the plaintext password into an unreadable string referred to as a password hash, which the website securely retains. The remarkable aspect of hashing is its resistance…
Welcome to the newly established National Cyber Security Centre by GCHQ. What is our purpose? In recent years, GCHQ has made significant strides in the realm of cyber security. Collaborating with colleagues across the intelligence community, law enforcement, various governmental bodies, international partners, and the essential private sector, we have heightened awareness of cyber threats,…
We have recently shared the United Kingdom’s methodology for addressing vulnerabilities discovered in various technological systems. To clarify, the UK intelligence community, including the National Cyber Security Centre (NCSC), conducts vulnerability research aimed at identifying security flaws across a range of technologies, from commonly used devices to highly specialized equipment. Upon identifying a security vulnerability,…
