HM Revenue & Customs has closed down 4,000 illegal websites and responded to 75,000 phishing reports as part of its pro-active technical measures to protect taxpayers from online fraud.
HMRC stated it had secured web domains that could be used by criminals to send fraudulent emails to customers for the purposes of delivering malware or stealing personal information.
More than 94% of all fraudulent emails spoofing HMRC web domains are now being deleted by internet service providers (ISPs), preventing delivery to customers’ mailboxes, according to HMRC.
Speaking at a cyber security conference in September, Edward Tucker, head of cyber security at HMRC, said: "We are losing the ability to use email because spam degrades it as a communication channel."
HMRC’s efforts were among the initiatives highlighted in a progress report on the UK’s cyber security strategy. The government is three years into its five-year plan to make the UK the best place for cyber business.
More on UK cyber security
"The long-term economic plan of this government continues to be to make the UK one of the most secure places globally for cyber innovation and commerce," said Francis Maude, minister for the Cabinet Office and paymaster general.
The government has set aside £860m between 2011 and 2016 to fund the UK cyber security strategy. For the next two years, national cyber security funding will remain at just over £200m per year, according to The UK cyber security strategy report on progress and forward plans, December 2014.
The Cabinet Office report stated that 81% of large organisations and 60% of small organisations reported a breach in 2014. Although the overall number of breaches has gone down since 2013, the reported cost and severity of those breaches has increased significantly.
We want boards, customers and investors to be thinking about cyber security issues when they make purchasing or investment decisions
UK cyber security strategy report
For small organisations, the worst breaches cost between £65,000 and £115,000 on average, and for large organisations the cost is between £600,000 and £1.15m.
"The government judges there is more to do before managing cyber risk is truly seen as integral to good business practice," the report stated. "We want boards, customers and investors to be thinking about cyber security issues when they make purchasing or investment decisions. We want the market to identify and reward good practice."
To encourage best practices in security, the Department for Business and Industry, the Cabinet Office and GCHQ launched the Cyber Essentials scheme. Since the launch, 124 companies have been awarded the Cyber Essentials badge, including high-profile organisations such as Barclays, Vodafone and the CBI, and more are going through the process.