The NCSC have released their report on their Active Cyber Defence program.
https://www.ncsc.gov.uk/blog-post/active-cyber-defence--acd---the-second-year
The program attempts to tackle cyber attacks targeting the public sector by providing tools to help automate the detection or attacks and help improve the security of deployed systems like mail, DNS, etc.
A quick run down of the services
Mail Check
The NCSC’s platform for assessing email security compliance. It collects, processes and analyses DMARC reports from across the public sector.
Web Check
A service that helps you find and fix common vulnerabilities in UK public sector websites you manage.
Protective Domain Name System (PDNS)
PDNS is a free and reliable internet accessible DNS service for the public sector that protects users from threats posed by known, malicious malware.
Exercise in a Box
This free service helps your organisation find out how resilient you are to a cyber attack, and practise your response in a safe environment.
The report covers how they ACD program has progressed over 2018 covering the following areas.
- Takedown Service : removing malicious content so it can’t cause harm.
- Mail Check : helping domain owners understand and control abuse of their email
domains.- Domain Discovery : helping system owners understand what internet domains they
have registered.- Web Check : proactively scanning websites for simple vulnerabilities and issues.
- Protective DNS : protecting the public sector at scale from harmful internet stuff.
- Routing and signalling : protecting the protocols that route our traffic around the
world.- Host-based capability : getting a handle on public sector IT.
- Vulnerability Disclosure Platform : making it easy to report vulnerabilities in government services.
- Suspicious email incubator : building a service to help the public report on suspicious stuff and automatically take protective action
Its a large report, however i thought there might be some interest as it has a lot of data on the various activities of the ACD program.
Even just looking at the fishing section, its interesting to see and somewhat obvious why that HMRC (the tax man in the UK) is the most targeted organisation in regards to phishing.
I feel like there must be a few people here that are interested int his stuff.