Andrea Danti - Fotolia

Free Quad9 internet threat protection launched

IBM, Packet Clearing House and the Global Cyber Alliance join forces to protect businesses and consumers from internet threats free of charge

IBM Security, Packet Clearing House (PCH) and the Global Cyber Alliance (GCA) have launched a free service designed to block access to millions of malicious websites automatically.

The Quad9 domain name system (DNS) service is aimed at protecting users from websites known to steal personal information, infect users with ransomware and malware, or conduct fraudulent activity.

Cyber criminals are increasingly using tools and techniques to build realistic-looking websites that mimic legitimate companies.

According to those behind the project, Quad9 does not store, correlate or otherwise use any personally identifiable information (PII) from its users, unlike other DNS services that often capture information about the websites consumers visit, devices they use and where they live.

An average of 27% of consumers think they are capable of staying ahead of the latest online threats and only 14% have ever changed the DNS settings on their computer, polls across the UK, the US, France and Germany have revealed.

To take advantage of the security and privacy of Quad9, users need to reconfigure a single setting on their devices to use as their DNS server. 

Full instructions on what a DNS service does and how to switch to Quad9 can be found at Quad9 has also laid out the four easy steps for Mac OS and Windows.

As well as PCs and laptops, the protections offered by Quad9 can be extended to all internet connected devices, which often do not receive important security updates and are also difficult to secure with traditional security tools.

With Quad9 used in a home or business network at the router or gateway level, users will have an added level of protection for their IoT devices. These smart devices would also be blocked from accessing remote hosts which have been identified as being harmful or IoT botnets such as Mirai, which infected millions of IoT devices in late 2016.

Read more about DNS security

When a Quad9 user clicks on a website link or types an address into a web browser, Quad9 checks the site against IBM X-Force’s threat intelligence database of more than 40 billion analysed web pages and images. The service also taps feeds from 18 further threat intelligence partners, including, the Anti-Phishing Working Group, Bambenek Consulting, F-Secure, mnemonic, 360Netlab, Hybrid Analysis GmbH, Proofpoint, RiskIQ and ThreatSTOP.

Quad9 is designed to provide these protections without affecting the speed that users expect when accessing websites and services.

Using PCH’s global assets around the world, Quad9 has points of presence in more than 70 locations across 40 countries, but the number of points of presence is expected to double in the 18 months to further improve the speed, performance, privacy and security for users globally.

Telemetry data on blocked domains from Quad9 will be shared with threat intelligence partners to improve their threat intelligence responses for their customers and Quad9.

Quad9 began with the GCA, where the intent was to provide security to end users on a global scale by using DNS to deliver a comprehensive threat intelligence feed.

To realise this aim, the GCA provided system development capabilities and brought the threat intelligence community together in collaboration with PCH, which provides Quad9’s network infrastructure; and IBM, which provides IBM X-Force threat intelligence and the easily memorable IP address (

Not used widely

“Protecting against attacks by blocking them through DNS has been available for a long time, but has not been used widely,” said Philip Reitinger, president and CEO of the GCA.

“Sophisticated corporations can subscribe to dozens of threat feeds and block them through DNS, or pay a commercial provider for the service. However, small to medium-sized businesses and consumers have been left behind – they lack the resources, are not aware of what can be done with DNS, or are concerned about exposing their privacy and confidential information.”

Bill Woodcock, executive director of PCH, said that through local deployment of technology versus some distant datacentre, Quad9 works to “significantly improve” performance.

“The personal information protections and selectable DNS encryption, DNSSEC, and blocklist that are in place show that this project is in line with PCH’s values,” he said. “Quad9 will inspire trust in both individuals and businesses who understand the importance of securing their private browsing data.”

Jim Brennan, vice-president, strategy and offering management at IBM Security, said taking advantage of threat intelligence is a critical way to stay ahead of cyber criminals.

“Consumers and small businesses traditionally didn’t have free, direct access to the intelligence used by security firms to protect big businesses,” he said. “With Quad9, we are putting that data to work for the industry in an open way and further enriching those insights via the community of users.”

Christine Bejerasco, service lead for consumer R&D at F-Secure, said tackling security problems by using key parts of the internet, such as DNS, gives the cyber security industry an opportunity to stop potential compromises.

“A lot of the digital technologies we use were never designed to hold up against the kind of attacks we see today,” she said. “And reinforcing technologies that serve as the backbone of the internet gives users a more secure option to work with.”

Read more on Hackers and cybercrime prevention