‘Follow our lead’, BT urges rival ISPs after it begins sharing malware data to help in cybercrime battle
BT is to share the malware data it gathers with its fellow Internet Service Providers (ISPs) in the UK.
BT said it has become the first telecommunications provider in the world to start sharing information about malicious software and websites on a large scale with other ISPs. IBM in 2015 undertook a similar initiative.
To help in this information sharing, the former UK incumbent has launched a collaborative online platform called the Malware Information Sharing Platform (MISP) to allow fellow broadband providers to share threat intelligence data in a safe and secure manner.
Its Good To Share
The move by BT comes amid a constant cyber threat to British consumers, businesses and public sector bodies from the high volumes of relatively unsophisticated attacks that occur daily in the UK.
The free information sharing platform BT has created is said to be linked to the National Cyber Security Centre’s Active Cyber Defence strategy initiative, which aims to detect and prevent online attacks against the UK.
What will happen going forward is that BT will “alert other ISPs in the UK to any malicious domains associated with malware control that it identifies using its advanced threat intelligence capabilities.”
It is then up to each ISP as to whether it decides to take action by blocking harmful malware.
BT said that it has so far identified and shared over 200,000 malicious domains since initiating the sharing of threat information at the end of last year.
“BT’s global team of more than 2,500 cyber security experts are currently preventing the delivery of 50 million malicious emails with 2,000 unique malicious attachments every month – that’s almost 20 malicious emails every second,” said the ISP.
BT also said it was actively supporting the Government’s Active Cyber Defence Strategy which utilises Domain Name System (DNS) filtering.
BT said it is automatically blocking tens of millions of malware infections which try to cross its infrastructure every week.
“This is an important step in helping the Government achieve its aim of making the UK the safest place to live and do business online,” explained Mark Hughes, CEO BT Security.
“We believe that only by working together with Government and the rest of the telecommunications industry can we collectively succeed in stemming the tide of cyber-crime,” said Hughes. “That’s why we’re urging other ISPs to join us in sharing threat information in a more open and collaborative way.”
“We’ve been taking a more proactive and automated approach to blocking malicious code and harmful website content on our infrastructure for some time, in line with the NCSC’s Active Cyber Defence strategy,” he added. “This allows us to mitigate a high volume of cyber threats before they have a chance to take hold and impact our customers. By sharing our malware data, we’re empowering other ISPs to provide their customers with the same level of protection, should they choose to take action.”
And BT’s move has been warmly welcomed by the UK’s National Cyber Security Centre.
“This is a fantastic initiative that will help provide broader protection of cyber threats facing the UK,” said the Centre’s Technical Director, Dr Ian Levy.
“Networks will be able to exchange detections in real time so that UK citizens can be protected by their ISP by default and for free, as part of the National Cyber Security Centre’s Active Cyber Defence programme,” Dr Levy added.
“This unprecedented level of sharing and exchange will have a positive impact across the whole security community by helping us to collectively understand our adversaries and reduce the impact of cyber attacks,” Dr Levy said.
It now remains to be seen whether other British ISPs will join BT’s lead.
Do you know all about security in 2017? Try our quiz!