NCSC Active Cyber Defence Report (Second Year)

Science, Engineering, & Tech Security
,
1

The NCSC have released their report on their Active Cyber Defence program.

https://www.ncsc.gov.uk/blog-post/active-cyber-defence--acd---the-second-year

The program attempts to tackle cyber attacks targeting the public sector by providing tools to help automate the detection or attacks and help improve the security of deployed systems like mail, DNS, etc.

A quick run down of the services

Mail Check

The NCSC’s platform for assessing email security compliance. It collects, processes and analyses DMARC reports from across the public sector.

Web Check

A service that helps you find and fix common vulnerabilities in UK public sector websites you manage.

Protective Domain Name System (PDNS)

PDNS is a free and reliable internet accessible DNS service for the public sector that protects users from threats posed by known, malicious malware.

Exercise in a Box

This free service helps your organisation find out how resilient you are to a cyber attack, and practise your response in a safe environment.

The report covers how they ACD program has progressed over 2018 covering the following areas.

  • Takedown Service : removing malicious content so it can’t cause harm.
  • Mail Check : helping domain owners understand and control abuse of their email
    domains.
  • Domain Discovery : helping system owners understand what internet domains they
    have registered.
  • Web Check : proactively scanning websites for simple vulnerabilities and issues.
  • Protective DNS : protecting the public sector at scale from harmful internet stuff.
  • Routing and signalling : protecting the protocols that route our traffic around the
    world.
  • Host-based capability : getting a handle on public sector IT.
  • Vulnerability Disclosure Platform : making it easy to report vulnerabilities in government services.
  • Suspicious email incubator : building a service to help the public report on suspicious stuff and automatically take protective action

Its a large report, however i thought there might be some interest as it has a lot of data on the various activities of the ACD program.

Even just looking at the fishing section, its interesting to see and somewhat obvious why that HMRC (the tax man in the UK) is the most targeted organisation in regards to phishing.

image
image.png715×602 78.9 KB

image

I feel like there must be a few people here that are interested int his stuff.

4 Likes
2

Thanks for posting, this is indeed useful material.

1 Like