On 16 July 2019, UK’s National Cyber Security Centre (NCSC) released the second annual report of the Active Cyber Defence (ACD) program. The report seeks to show the effects that the program has on the security of the UK public sector and the wider UK cyber ecosystem.

The Active Cyber Defence Program

NCSC was set up in 2016 to be the single authoritative voice for cybersecurity in the United Kingdom. This was part of the wider National Cyber Security Strategy that sought to make the Government much more interventionist in the protection of the UK as a whole. Part of that interventionist strategy is the Active Cyber Defence (ACD) program.

Cybersecurity Live - Boston

The mission of the ACD Program is to “Protect the majority of people in the United Kingdom from the majority of the harm caused by the majority of the cyber attacks the majority of the time.”

The ACD program deals only with commodity attacks. (Targeted attacks by sophisticated threat actors are dealt with by other NCSC programs.) As such, the program’s intention is to raise the cost and risk of commodity cyber attacks against the United Kingdom, therefore reducing the return on investment for the criminals.

It is universally understood that cyber crime runs on a return on investment (ROI) model. ACD aims at disrupting this cyber crime ROI, thus demotivating attackers from targeting the United Kingdom.

Despite Dr. Ian Levy, NCSC Technical Director, saying that “we haven’t managed to do as much as we hoped,” the program is a fine example of a “government actively doing something, providing real services and generating real data and analysis has to be a first step in demystifying cybersecurity, and beginning to tackle the impacts of cyber attack at scale.”

In fact, the program was assessed by King’s College London, (Read more...)