NCSC Intensifies Cybersecurity Across UK Public Sector
The National Cyber Security Centre (NCSC), UK has introduced four ‘Active Cyber Defence’ (ACD) programmes aimed at improving basic cyber security measures across the UK public sector. This initiative is expected to benefit UK businesses, and these businesses would be able to utilize the ACD services directly in the future. The massive increase in cyber security incidents – breaches, malware attacks, ransomware attacks has all led to the government taking stronger measures to ensure better cyber security. The increase in digitization has led to the ACD programme to make infrastructure, products, and services safer, and also in a manner that makes it easy to be safely used by both businesses and organizations.
Implementing cyber security measures requires considerable investment and it all boils down to the net return on investment. Cyber security investment provides both direct and indirect benefits. The four measures endorsed by the NCSC are:
1. Protected Domain Name Service (DNS)
This new service utilizes the malicious address data base available with the Government Communications Headquarters (GCHQ) and other partners to block the user from accessing or getting rerouted to those malicious addresses. The NCSC, in collaboration with a commercial partner, has set up a DNS filtering service to automatically prevent users on public sector systems from visiting or getting routed to such malicious websites. This feature would be quite useful, as all public sector staff may not be cyber security savvy.
2. Blocking Spoofing Emails
Spoofing emails and spear-phishing emails are a major threat to the public sector. Attackers are known to initiate their malicious campaign by sending fake emails that are made to appear as if they are from the government. The spoofed emails are laced with malware attachments or links. It has been the easiest way of infecting an endpoint on a network, from where the malware spreads to other systems on the network. Attackers would be able to steal sensitive credentials to commit identity fraud.
The NCSC is also offering the “Mail Check service” that processes DMARC reports to increase knowledge about threats.
Government domains that have already registered with these services have significantly benefited considering the huge volume of spoofing mails that had been blocked.
3. Free Web Check Vulnerability Scan Service
The NCSC is offering a free Web Check service that scans websites for vulnerabilities. This service scans the websites and provides an easy-to-understand report on what all needs to be fixed, and recommends the way they are to be fixed. Many public body websites are vulnerable even to simple cyber attacks, and this tool would serve a great purpose.
A prototype of this tool is being used by some organizations, and a full version is to be released shortly. There are many commercial versions of this tool, however, some may be non-affordable for smaller public sector organizations.
4. Blocking Phishing and Malware Attacks
The NCSC is collaborating with Netcraft, a private firm, to protect public sector government organizations from phishing and malware attacks. They have developed and are offering this service to all government organizations.
In order to further enhance the capabilities of the collaborative tool, users at government organizations must share details of malicious, phishing emails, phishing campaigns or cloned sites that they encounter. The collaborator will take appropriate action – initiate action to take down the URLs and email and phishing sites.
This initiative has been quite beneficial so far, and the NCSC will be further augmenting these measures to enhance cyber security at UK public sector organizations.