The UK has made the decision to implement a new strategy when it comes to protecting itself from online threats, which the head of the new National Cyber Security Centre (NCSC), Ciaran Martin, has dubbed “active cyber-defence”.
In Washington, Martin delivered his first public comments as the chief executive of the NCSC in which he detailed the government's new measures for dealing with the barrage of constant cyber attacks faced by its businesses and citizens.
The centre will open next month and will take on the roles of protecting government and critical infrastructure. However, it will also be exploring how it can better engage with business and the public. The NCSC has already developed a plan to create automated defences that will offer protection from the high-volume but often unsophisticated cyber attacks that are a nuisance to the country.
Martin was critical of how often these attacks are able to breach the UK's security, saying: “Far too many of these basic attacks are getting through and they are doing a lot of damage.”
The NCSC's new strategy of active cyber-defence is taking a different approach than the one currently employed by the US government which actively pursues hackers on their own networks.
The centre has already begun to implement automated measures on government networks and has used the technology to ensure that UK government email is trusted, so that attackers are unable to use government email addresses to trick members of the public into believing that they are receiving genuine emails.
Martin spoke of how these new measures have already been successful, saying: “We trialled it, and whoever was sending 58,000 malicious emails per day from firstname.lastname@example.org.... isn't doing it anymore.”
The NCSC has also begun to consider new ways to tackle attacks that are launched using common malware. To combat these attacks, the centre has begun to send automated takedown requests to web host and others.
Image Credit: Sergey Nivens / Shutterstock