Inside The UK's Active Cyber Defense Program


UK's National Cyber Security Centre highlights the success of its Active Cyber Defence (ACD) program


The UK’s National Cyber Security Center (NCSC – part of GCHQ) Active Cyber Defense (ACD) program is an ambitious project designed to improve the security posture of an entire nation. It does this primarily through the rapid identification and takedown of malicious websites; the timely delivery of actionable threat intelligence to organizations; and a range of other mechanisms.


ACD primarily serves UK government departments, agencies and ‒ since the outbreak of the Covid-19 pandemic ‒ the NHS. However, a new facet, known as ACD Broadening, is actively exploring the expansion of the service to include private sector organizations and even foreign countries and their governments.


ACD does not seek to solve all security problems. It is currently aimed at commodity attackers rather than targeted and APT attackers. This gives the widest benefit in the shortest time. “The aim of the Active Cyber Defense (ACD) program,” says the NCSC’s fourth ACD annual report (PDF), “is to ‘Protect the majority of people in the UK from the majority of the harm caused by the majority of the cyberattacks the majority of the time.’”


The primary mechanisms supporting ACD (there are more) include: the Takedown Service; Mail Check; Web Check; Protective DNS; Dangling DNS; a Host Based (threat detection) Service; the NCSC Observatory; a Suspicious Email Reporting Service (SERS); ‘Exercise in a Box’ (a protected response testing service); and a Cyber Threat Intelligence Adaptor. Just as many of these mechanisms overlap and feed each other, so do the benefits derived overlap the primary government sector and UK internet user ..
