The UK’s National Crime Agency is claiming a new threat information sharing initiative has already helped web hosters reduce the threat to their servers by 12%, potentially saving them millions.
The NCA said last week that it shared details related to over 30,000 separate threats with internet hosting companies as part of a joint program with CERT-UK.
Around 50 organizations took part over a near three-month-long program, using info on malware infections, phishing attacks, DDoS and command and control (C&C) systems to help take remedial action.
The crime agency’s initial analysis claimed the 12% reduction in the volume of malicious domains over a whole year could reduce cybercrime losses by “tens of millions of pounds.”
Specially trained officers from police Regional Organised Crime Units (ROCUs) are now being sent out to support those organizations that benefited from the threat intelligence.
“Working with industry to jointly combat cybercrime is a priority for the NCA, and sharing timely, customized intelligence with hosting companies can contribute to the protection of the UK internet infrastructure,” said NCA industry partnerships boss Paul Hoare.
“Many alert recipients have taken timely action against the threats identified, and this is likely to have prevented losses to individuals and businesses further down the line.”
The threat alerts are also available to firms who sign up to the government’s Cyber-security Information Sharing Partnership (CISP) initiative, designed to improve situational awareness for members by facilitating the sharing of threat and vulnerability information.
Governments and their law enforcement and intelligence agencies are increasingly being put under pressure to share the wealth of threat information they collect with the private sector, in order to bolster the resilience and economic well-being of UK PLC.
BH Consulting founder and Europol advisory group member, Brian Honan, welcomed the news.
"Many though have criticized these initiatives as being primarily one way, whereby information from the private sector is going into the public sector but very little is coming back in return. This type of sharing from the NCA is a welcome change to that status quo and the quality of the information they share will be of major benefit to the ISPs," he told Infosecurity.
"One can only hope that now the ISPs have real actionable information they will work on it to make the internet a safer place for all."
In the US, efforts to legislate on such matters have backfired, after rights groups and technology giants came out against the Cybersecurity Information Sharing Act, which was nevertheless passed by the Senate last month.
Its opponents argue that the law could introduce major privacy issues and even make it harder for international firms to do business with their US counterparts.