Data sharing initiative enables positive action on 30,000 cyber crime threats

The details of more than 30,000 individual cyber crime threats have been shared with Internet hosting companies as part of a programme of industry engagement carried out by the National Crime Agency (NCA) and CERT-UK, the UK’s Computer Emergency Response Team. Customised threat alerts have been provided to around 50 organisations over a period of nearly three months, in turn enabling them to take remedial action in order to protect their customers and networks.

The alerts included details of server compromises being used for crime including malicious software (malware) infections (used by criminals to take control of and steal data from computers), phishing (attempting to obtain sensitive information by deception), Distributed Denial of Service (DDoS) attacks (flooding websites with requests and making them temporarily unobtainable) and Command and Control systems for botnets (networks of computers infected with malware).

Limited initial analysis of the project has suggested a 12% average reduction in the number of specific threats on the hosting company servers.

While there’s no universally agreed cost of cyber crime to the UK, the NCA estimates that, across a given 12-month period, an overall 12% decrease in malicious domains hosted in the UK could reduce losses incurred by businesses by “tens of millions” of pounds.

Cyber protection officers

New cyber protection officers from police Regional Organised Crime Units will now be engaging with threat feed recipients to support their mitigation efforts.

This activity follows a similar programme carried out earlier in the year which identified 5,531 compromises on UK servers, and is part of ongoing NCA engagement with industry partners – among them banks and security companies – to collaboratively tackle cyber crime threats.

The NCA is also continuing to inform hosting companies and other relevant businesses that they can join the Cyber Security Information Sharing Partnership (CiSP) to receive live threat data feeds provided by CERT-UK.

Paul Hoare, industry partnerships senior manager at the NCA’s National Cyber Crime Unit, said: “Working with industry to jointly combat cyber crime is a priority for the NCA. Sharing timely and customised intelligence with hosting companies can contribute towards the protection of the UK’s Internet infrastructure. Many alert recipients have taken timely action against the threats identified, and this is likely to have prevented losses to individuals and businesses further down the line. We continue to use all the means at our disposal to make the UK’s people and businesses the most difficult targets for the cyber criminals to aim at.”

CERT-UK’s director Chris Gibson added: “This initiative is another step in helping industry build its resilience and a timely reminder of the importance of collaboration between industry, law enforcement and Government. The alerts are available to companies who are part of the CiSP, which is a free joint industry/Government initiative to share cyber threat and vulnerability information in order to increase overall situational awareness of that threat and, therefore, reduce the impact on UK business.”

The project has also been assisted by the Shadowserver Foundation, a not-for-profit organisation dedicated to making the Internet safer by employing the skills of volunteer security specialists from around the world.

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts