Managed services provider Memset welcomes the clear benefits to the security of SMEs in the UK, presented by the recommended rollout out of the NCSC’s Active Cyber Defence (ACD) programme. Endeavours such as this can help us succeed in driving out low-sophistication ‘commodity’ cyber-attacks from the UK.
The Cybersecurity Research Group and Policy Institute at King’s College London recently published a report recommending rolling out ACD into the private sector – which was originally launched to protect public sector organisations at the end of 2016. ACD deploys a range of automated measures against low level attacks including phishing. Its main activities, which have been deployed across the public sector, include:
Takedown Service – asking hosting providers to remove websites and content impersonating the UK government
Mail Check – which makes it harder for criminals to distribute emails that look like they come from a trusted source
Web Check – helps government website owners check for common security issues
Protective Domain Name System (DNS) – blocks government users’ access to bad websites, such as those known to distribute malware
Commenting on the report, Thomas Owen, Head of Security at Memset said:
“Taking ACD into the private sector is a great idea. While the technology might not be new in detail, what is revolutionary is the scale and the way they plan to combine direct, automated relationships with core service providers and a free-to-consume, publicly accessible tooling, positioned as an innate government responsibility.
“I expect to see many security specialists in enterprises with keen interest in how they can implement ACD tools in their own organisations. While this initiative could go unnoticed by many SMEs that lack IT and security savvy personnel, they will passively benefit from the high barrier to entry for cybercrime encouraged by this approach. SMEs are often the most vulnerable to cyber attacks, and therefore any activity that raises their defensive capabilities is something that national initiatives like this should focus on.”
Cybercrime, particularly at low complexity levels, is all about economies of scale and cybercriminals are as vulnerable as the rest of business to changes in market forces. Initiatives like ACD seek to leverage low-complexity, national scale assets and in the process change the black-market economics of cybercrime to make it less cost effective for criminals to operate in the UK. By starving out the low end of cybercrime, the NCSC could directly contribute to the security of the majority of UK citizens and the viability of UK SME businesses.
Thomas continues:
“By deploying ACD throughout the UK network – private and public – the NCSC hopes to drive out commodity attacks from the UK. Unless we can continue to bring smaller organisations along without making unsustainable demands on their businesses, a vulnerable underbelly will continue to exist in the UK, providing a continuing viable market for those wanting to profit from these sorts of attacks.
“The recommendation to rollout ACD is a great start, but in the same way that the progress of a flu epidemic cannot be stopped by an individual’s personal hygiene, we need a systemic response to deploy immunisation to protect the average UK citizen against generic cyberthreats. What we need is the herd immunity. Could, and should, the ACD rollout be the first step towards an NHS for cybersecurity?”
