The National Cyber Security Centre (NCSC) has announced the launch of four ‘Active Cyber Defence’ programs to improve basic levels of cybersecurity across UK business and government departments.
Described as “four simple and free measures for government departments to improve basic cybersecurity, which are ready to be implemented immediately by departments and their arm’s-length bodies”, it follows the news of an attempted brute force attack on parliamentary emails a week ago.
Developed as part of the government’s National Cyber Security Strategy, it “aims to make infrastructure, products and services automatically safer and easier to use safely by organizations and individuals.”
The four programs see the NCSC offer DNS filtering to prevent redirects, adding DMARC services to cut down on phishing opportunities, the WebCheck service which scans websites for common vulnerabilities and a notification service for suspicious websites with Netcraft.
Andrew Clarke, EMEA director at One Identity, told Infosecurity that he felt that this was reassuring, and that this “sets a good example for commercial organizations to emulate as they also take a more pro-active cybersecurity stance.”
He said: “In our rapidly changing world, some of the basics get overlooked, so having a pro-active service will be reassuring to government departments that need to concentrate on delivering a quality service to citizens.
“Taking a look at the four measures, these are all good pro-active measures that remove a lot of the day-to-day irritations. This is a great start and as long as the service develops further and extends to cover some of the more sophisticated techniques now being adopted then it will help more comprehensively.”
Mark James, security specialist at ESET, added that any help towards taking the “sole onus away from the user has to be a great thing, as when the end-user does not actually understand or even be in a position to make a factual choice regarding something being good or bad, then relying on those choices to keep us safe is starting on a negative to begin with.”
Kyle Wilhoit, senior cybersecurity threat researcher at DomainTools: said: “The steps taken by the NCSC is a great starting point to address underlying architectural issues and basic security vulnerabilities common in many different environments. Filtering DNS, making BGP hijacking more difficult, and the steps the ADC is taking in requiring DMARC are all great steps to cut out ‘low hanging vulnerabilities’. These compensating controls aren't perfect, and against targeted attacks may not be as useful, but the NCSC and ADC are great steps in the right direction.”