National Cyber Security Centre
NCSC Takedown Service
Takedown services remove sites and block any attack infrastructure to limit the harm that cyber attacks can cause.
Takedown Services – an introduction
Malware and phishing sites cause harm to UK citizens and brands. Takedown services aim to reduce the return on investment for attackers by removing sites and blocking any attack infrastructure to limit the harm that these attacks can cause.
About the NCSC Takedown Service
The NCSC works with Netcraft to provide the Takedown Service. The NCSC focuses the Takedown Service predominantly on the "HMG brand" - which is very broadly defined. Departments automatically benefit from the service without having to do anything.
Eligibility for the NCSC Takedown Service
The Takedown Service covers UK Government brands and services. The NCSC provides this service centrally.
How the NCSC Takedown Service works
The service discovers attacks in a variety of ways:
- Spam and phishing feed scanning - it takes spam and phishing feeds and scans them for sites pretending to be UK Government brands
- Suspicious Email Reporting Service (SERs) submissions - organisations help augment the service by forwarding emails (including any attachments) or the URL of any site pretending to be theirs to firstname.lastname@example.org. SERs then automatically forwards these submissions to the Takedown service.
If applicable, the service then issues takedown notices to various hosting providers to get live attacks blocked. To further mitigate harm the service adds the sites to various safe browsing lists so modern browsers will not allow access.
Benefits of the NCSC Takedown Service
Benefits of the NCSC Takedown Service include:
- URLs associated with UK Government themed phishing attacks, which are often targeted at UK based users, are removed and hence the harm caused by these campaigns is reduced
- HMG brand is protected which in turn safeguards the UK's reputation
- the timely removal of malicious sites further reduces any potential harm
How to register for the NCSC Takedown Service
No registration is required for the Takedown Service. Central government organisations benefit automatically without having to sign up.
Latest News from
National Cyber Security Centre
NCSC statement on Queen's University Belfast incident08/03/2021 16:15:00
The latest statement from the NCSC regarding a cyber incident affecting Queen's University Belfast.
Advice following Microsoft vulnerabilities exploitation04/03/2021 10:25:00
Urgent updates released for Exchange server vulnerabilities
'Cyber Action Plan' to help increasingly digital small businesses stay secure from rising threats01/03/2021 14:15:00
As part of the Cyber Aware campaign, a self-assessment tool for sole traders and micro businesses has been developed.
Joint Advisory: Exploitation of Accellion File Transfer Appliance24/02/2021 15:30:00
Cyber security organisations in the UK, USA, Australia, New Zealand, and Singapore publish advice to defend against malicious cyber actors.
NCSC consolidates advice on secure home learning23/02/2021 13:15:00
Three tailored blogs to help manage remote education technology safely.
UK supports US charges against North Korean cyber actors18/02/2021 11:10:00
Indictment charges individuals with involvement in hacking and fraud conspiracy
Schools recognised by cyber experts for first-rate teaching16/02/2021 11:15:00
14 schools and colleges across the UK are the latest to receive CyberFirst Schools status for their excellent cyber security teaching.
Thousands of girls take on codebreaking puzzles in bid to win UK cyber security crown12/02/2021 14:15:00
The 2021 CyberFirst Girls Competition saw over 6,500 students take part, teams now go through to the online semi-finals in March.