The new cyber agency of UK spy center GCHQ is gearing up to build a ‘great firewall’ to block malicious sites used for hostile cyber attacks and combat cybercrime.
The flagship DNS filtering program will involve automating defenses against unsophisticated but high-volume cyber attacks, the head of the new National Cyber Security Centre (NCSC), Ciaran Martin, told a conference in Washington, DC.
The scheme will work by sealing off web domains previously associated with attacks. One of the most common types of cyber attack involves malicious websites, often disguised under trusted domains, infecting visitors’ computers with malware.
“The great majority of cyber attacks are not terribly sophisticated. They can be defended against. And if they get through their impact can be contained. But far too many of these basic attacks are getting through. And they are doing a lot of damage,” Martin said in his first public speech as CEO of the agency, which officially opens in October.
The program, which is currently being trialed on public sector IT networks, is aimed primarily at protecting government sites and the infrastructure of industries important to national security, such as power and transport.
However, it will also be offered to consumers and major IT companies such as BT, Sky and Virgin Media on an opt-in basis.
Martin warned that “national security level cyber incidents” had doubled in the last year, citing an average of 200 attacks each month in 2015.
Martin, former director general of government and industry cyber security at GCHQ, described the strategy as “active cyber defense.”
“It’s possible to filter unwanted content or spam. It’s technically possible to block malicious content. So, the question is: why aren’t we, the cyber security community, using this more widely?” he said.
The opening of the NCSC was announced by former Chancellor George Osborne last November as part of a strategy to bridge the gap between government and industry.