British Intelligence has come up with a potentially very effective means to disrupt ransomware attacks, but there seems to still be a few kinks in the system.
The phone rings at your U.K. office and it’s the U.K. government’s National Cyber Security Centre (NCSC) letting you know they’ve detected a potential cyberattack. In a scenario where this is completely legitimate (I only mention it because we all know this could be a vishing attack, right??!?), it would be very helpful to put the Security team on high alert.
This new “Early Warning” system is a completely free service provided by the U.K. government that uses a number of proprietary information feeds to identify active compromises, undesirable network activity, or vulnerable services accessible from the Internet.
Despite identifying leading indicators of cyberattacks once every 72 hours for the last 3 months, the service still has one problem – and I already touched on it. If an organization isn’t signed up for the service, it’s difficult for the NCSC to contact the organization – let alone be believed when they do call!
Any additional layer of security that doesn’t impede on an organization’s budget or productivity that can actually do some good in spotting attacks is a great thing. But having a service like this is truly invaluable; every organization should be signing up for it to establish the means of communicating detected potential attacks to appropriate individuals within the organization.