National Crime Agency
Data sharing initiative enables action on 30,000 cyber crime threats
Details of more than 30,000 individual cyber crime threats have been shared with internet hosting companies as part of a programme of industry engagement carried out by the National Crime Agency (NCA), and CERT-UK (the UK’s Computer Emergency Response Team).
Customised threat alerts have been provided to around 50 organisations over a period of nearly three months, enabling them to take remedial action to protect their customers and networks.
The alerts included details of server compromises being used for crime including:-
- malicious software (malware) infections (used by criminals to take control of and steal data from computers)
- phishing (attempting to obtain sensitive information by deception)
- Distributed Denial of Service (DDoS) attacks (flooding websites with requests, making them temporarily unobtainable)
- command-and-control systems for botnets (networks of computers infected with malware)
Limited initial analysis of the project has suggested a 12% average reduction in the number of specific threats on the hosting company servers.
While there is no universally-agreed cost of cyber crime to the UK, the NCA estimates that over a year, an overall 12% decrease in malicious domains hosted in the UK could reduce losses incurred by businesses by tens of millions of pounds.
New Cyber Protection officers from police Regional Organised Crime Units (ROCUs), will now be engaging with threat feed recipients to support their mitigation efforts.
This activity follows a similar programme carried out earlier in 2015, which identified 5,531 compromises on UK servers, and is part of ongoing NCA engagement with industry partners, including banks and security firms, to collaboratively tackle cyber crime threats.
The NCA is also continuing to inform hosting companies, and other relevant businesses, that they can join the Cyber-security Information Sharing Partnership (CiSP) to receive live threat data feeds provided by CERT-UK.
Paul Hoare, industry partnerships senior manager at the NCA’s National Cyber Crime Unit, said:
“Working with industry to jointly combat cyber crime is a priority for the NCA, and sharing timely, customised intelligence with hosting companies can contribute to the protection of the UK internet infrastructure. Many alert recipients have taken timely action against the threats identified, and this is likely to have prevented losses to individuals and businesses further down the line.
“We continue to use all the means at our disposal to make the UK’s people and businesses the most difficult possible targets for cyber criminals.”
CERT-UK Director, Chris Gibson, said:
“This initiative is another step in helping industry build their resilience and a timely reminder of the importance of collaboration between industry, law enforcement and government. The alerts are available to companies who are part of the Cyber-security Information Sharing Partnership (CiSP), which is a free joint industry/government initiative to share cyber threat and vulnerability information in order to increase overall situational awareness of the cyber threat and therefore reduce the impact on UK business”
The project has also been assisted by the Shadowserver Foundation, a not-for-profit organisation dedicated to making the Internet safer using the skills of volunteer security specialists from around the world.
Businesses can find out more about CiSP at www.cert.gov.uk/cisp
The government’s Cyber Essentials Scheme provides information to help organisations protect themselves against common cyber attacks, and includes an online tool to help businesses assess themselves. https://www.gov.uk/government/publications/cyber-essentials-scheme-overview
Latest News from
National Crime Agency
University academic admits 137 “horrifying” ’hurt core’ offences17/10/2017 13:15:00
A university academic who dubbed himself ‘evilmind’ and ‘666devil’ yesterday pleaded guilty to 137 charges including encouraging the rape of a four-year-old boy, in a landmark National Crime Agency investigation.
Clydebank man charged over cocaine importation16/10/2017 14:20:00
A man from Clydebank has been charged with the importation and supply of class A drugs following a joint operation involving the National Crime Agency and Police Scotland.
Three-year sentence for sex offender who watched live abuse12/10/2017 15:25:00
A man who watched live footage of a four-year-old girl being sexually abused has been sentenced to three years in prison following a National Crime Agency (NCA) investigation.
Suspicious Activity Reports Regime Annual Report 2017 published12/10/2017 12:15:00
The pdf Suspicious Activity Reports (SARs) Annual Report 2017 (895 KB), spanning the 18 months between October 2015 and March 2017 inclusive, was yesterday published.
Longer sentence for Arbroath man who smuggled stun gun and pepper sprays in the post11/10/2017 17:07:00
A man from Arbroath has had his prison sentence increased to five years after attempting to import offensive weapons, including a stun gun disguised as a torch and five CS pepper sprays in the post.