BT and mobile provider EE have now blocked over a billion clicks to malicious websites using intelligence supplied by the UK’s National Cyber Security Centre (NCSC), according to figures disclosed today.
The NCSC’s Share and Defend programme, launched last year, protects 46 million mobile phone users and 12 million fixed line internet subscribers from websites that could deliver malicious code, malware or phishing attacks, the NCSC said.
It has allowed BT to head off “early stage cyber attacks” and attempts by its customers to access scam websites.
The programme provides telecoms companies with streams of alerts about malicious websites, giving telcos and internet companies the option to block access to the most severe risks to its customers.
Claimed to be the most extensive in the world, Share and Defend provides alerts to BT, EE and VodafoneThree.
Other partners include broadband company PXC, which provides wholesale broadband and network services.
The NCSC said it is “engaging” with other companies to achieve wider coverage and looking to bring new partners into the scheme.
Threat feeds
Share and Defend provides telcos with alerts from threat feeds, some of which are private to the NCSC, with others provided by businesses, and the Cyber Defence Alliance, a group for the finance sector.
Other alerts are generated by take-down notices issued to remove malicious content from the internet, and from websites identified as being linked to phishing sites reported by the public.
Organisations signed up to the programme are able to prevent their customers accessing malicious content, but can choose which sites to block based on their own risk analysis.
The programme provides threat data from the NCSC-developed Protective Domain Name Service, run by Cloudflare and Accenture. The service is capable of preventing access to malicious web domains when they are looked up on the Domain Name System used to navigate the internet.
It also takes feeds from the NCSC’s takedown service – run in conjunction with cyber security company Netcraft – which blocks and removes websites linked to spam and phishing attacks that could damage the reputation of government services.
The Share and Defend service is also used by Jsic, a not-for-profit organisation, which builds and maintains the Janet network, used by education and research organisations.
