Cyber Defence: invisible but pivotal

2nd November 2018


Russell Haworth

Russell Haworth
CEO

Many aspects of cyber security are invisible. We can count how many cyber attacks have been mounted and the cost of the damage inflicted, but can we record how many have been thwarted, or how much money has been saved? There are some bodies who can access this data. And sometimes it’s important to share these facts and celebrate these ‘invisible’ successes in what is an endlessly evolving – and endlessly challenging – fight against cyber criminals.

In our role as the registry for the .UK Domain, Nominet works with law enforcement to suspend malicious sites and intervene at registration if we believe a domain could be used for criminal purposes, generating a fairly accurate tally of how much potentially criminal activity has been prevented by our innovative defences. Data of this nature is also gathered by the National Cyber Security Centre (NCSC), and was recently shared in their annual review.

The results are encouraging, and some of the most powerful data reflects the work that Nominet is doing as part of the Government’s Active Cyber Defence strategy. We currently operate the Protective Domain Name System (PDNS) service for more than 200 public sector organisations across the Public Services Network (PSN). This blocks malicious sites from being accessed by these critical users as well as sharing information about issues within the DNS to help direct technicians to the areas in need of a fix.

Based on the stats within the recent annual review, our PDNS service has blocked over 30 million attempts by public sector organisations to access malicious domains since the service began. On average, the PDNS blocks over 10,000 malicious domains every month. Not only are these figures significant in isolation, the enormity of the success is better understood when we consider that these public sector organisations can cover some of the key aspects of our country’s Critical National Infrastructure. They require the utmost security due to their high-risk nature – they are an obvious and continuous target for cyber criminals and state-sponsored hackers – and we’re duly proud to be a crucial part of keeping them safe.

Another significant area of success in the recent NCSC report is around phishing. The latest figures show that the UK’s share of visible global phishing attacks has halved, dropping from 5.3% to 2.4%, since Active Cyber Defence was mounted. This malicious and prevalent form of cyber attack can be stopped at the root by blocking phishing websites before an attack can be launched from them. Considering every single phishing site can launch millions of phishing emails, blocking these sites has a huge impact in terms of damage avoided and money saved.

Blocking phishing domains forms part of the work Nominet does in our ongoing cyber security provisions for the .UK registry, and contributes to our mission of making our country the safest place to do business online. We have therefore contributed to the meaningful successes recorded by NCSC for Active Cyber Defence. The NCSC review confirms that they will now roll out the existing measures further in the coming years, expanding Active Cyber Defence further to continue this great work in making the UK the safest place to live and work online. We are a direct and indirect part of this worthy mission, and we will continue to deliver cyber security to the Government via the PDNS as well as maintaining the focused work we do in house to keep the .UK domain safe for all who use it.

We will also follow NCSC’s example of talking about the successes of cyber security to bring it out of the shadows amid the alarming news cycles of hacks, attacks and damage to some of the biggest names in business. Let’s counterbalance the negative news by taking note of all the hacks, attacks and damage that hasn’t been inflicted in the past 12 months. Celebrate the invisible successes and be proud that the UK’s namespace is a safe place to be.

Read more about Nominet’s work with Government as part of PDNS.

cyber security