lolloj - Fotolia

National Cyber Security Centre boss plans to scale up DNS filters

National Cyber Security Centre boss Ciaran Martin sets out plans to launch a countrywide firewall, blocking malware and fight hackers

Speaking at the Billington Cyber Security Summit in the US on 13 September 2016, National Cyber Security Centre (NCSC) CEO Ciaran Martin said too many “basic” cyber attacks are getting through, as he laid out plans to scale up British security defences.

Martin said NCSC and GCHQ are working to use a series of automated measures “aimed at making UK government networks the most secure in the world”.

One of the biggest projects currently ongoing is its flagship programme on scaling up DNS filtering, which aims to block bad websites.

“What better way of providing automated defences at scale than by the major private providers effectively blocking their customers from coming into contact with known malware and bad addresses?” said Martin.

However, he added that these “economy-wide initiatives” have to be led by the private sector.

“The government does not own or operate the internet. Consumers must have a choice. Any DNS filtering would have to be based on an opt out basis. Addressing privacy concerns and citizen choice is hardwired into our programme,” he said. 

Unsophisticated cyber attacks 

The NCSC, which was first announced by then-chancellor George Osborne in November 2015, is still in its infancy and will officially open in October 2016. 

Its aim is to host a cyber force ready to handle cyber incidents and respond faster and more effectively to attacks. It will also be a unified source of advice and support for the economy, replacing the current array of bodies with a single point of contact

Martin said the majority of cyber attacks “aren’t terribly sophisticated”, but that too many of “these basics attacks are getting through and they’re doing far too much damage”.

“There’s a legitimate role for the government in taking a lead, at least temporarily, and that is the thinking behind our strategy,” said Martin.

“Tackling low-grade, high-volume cyber attacks is a vital part of this three-pronged approach that our government agreed to in 2015 as part of its post-election strategic defence and security review.”

The review, which was published November 2015, aimed to ensure the UK was taking advantage of pioneering technologies to tackle cyber threats.  The spending review pledged a £1.9bn investment in cyber security over the next five years.

Read more about cyber security

Martin said NCSC is already piloting ways of tackling commodity attacks, “sending automated takedown requests to hosters, registrars and others”. 

“We’re starting to see real, measurable results. Looking at phishing attacks against UK government brands, the median time the phishing site is up has dropped from 49 hours to 5 hours,” he said. 

It’s also working with the telecommunications industry to stop the abuse of the border gateway protocols (BGP) and SS7 protocols to reroute traffic.  

“If we’re right, this will mean it’s much much more difficult for UK machines to participate in a DDOS [distributed denial-of-service] attack. If we’re right, then everyone else can do it,” Martin said. 

Read more on Hackers and cybercrime prevention