The UK's National Cyber Security Centre and the Australian Cyber Security Centre have subscribed to a breach notification service offered by well-known security researcher Toy Hunt, using which they will get real-time notifications if credentials of any of their staff are compromised.
According to Troy Hunt who is offering the service for free, the breach notification service will help the NCSC and the ACSC respond quickly to credential breaches and limit the scale of data breaches.
Troy Hunt, a well-known security researcher, and owner of the website Have I been pwned? recently announced that thanks to a new arrangement between him, the UK's National Cyber Security Centre and the Australian Cyber Security Centre, both cyber security watchdogs will be able to centrally monitor all domains owned by their respective governments so as to respond to threats and breaches in real-time.
Breach notification services for free!
Hunt, whose website has helped millions of netizens across the world find out if their email addresses or credentials have ever been breached by cyber criminals, said that he will offer the real-time breach notification service to both the NCSC and the ACSC for free.
"There are many reasons why that made sense to do, one of which is that it unifies a bunch of existing free searches that I mentioned above. Another is that frankly, we really want governments to do their best to protect the folks working in their departments; many of them are working in capacities that help protect our respective nations from all sorts of threats and increasingly, as we all know, that means online threats as well," he said.
Using the service, both NCSC and ACSC will be able to query any white-listed domains owned by their respective governments and will also receive instant alerts every time an alias on one of their domains is seen in a new data breach or a paste. The latter is part of Hunt's commercial offerings and this is the first time it is being offered to any organisation for free.
"That's really important in terms of giving them the ability to respond quickly and by unifying all those existing one-off domain searches, the respective governments will be able to immediately see when an incident has a potentially broad impact.
"This can be especially important when you consider data breaches such as Dropbox; many organisations of all kinds suddenly learned that a bunch of their people had cloud storage accounts under their corporate email addresses so you can imagine some of the discussions that subsequently ensued," he added.
“We’re excited for the opportunity to work alongside Troy and we’re looking forward to trialing the use of his service in the coming weeks to help alert UK government departments if their users have potentially compromised credentials.”
The National Cyber Security Centre confirmed the news on Twitter.
“We’re excited for the opportunity to work alongside Troy and we’re looking forward to trialing the use of his service in the coming weeks to help alert UK government departments if their users have potentially compromised credentials,” it said.
Another feather on NCSC's cyber defence cap
While the use of Hunt's breach notification service will surely help the two organisations help government departments avoid data breaches or prevent any negative fallout of breaches in the future, this move can be seen as one of several steps the NCSC has taken in the recent past to secure government-owned domains and websites.
For example, Ciaran Martin, the head of the National Cyber Security Centre, recently wrote to government agencies asking them not to use services offered by 'a Russia-based AV company' as doing so would put national security at risk.
Martin said that even though a majority of UK citizens and businesses are not directly targeted by the Russian state, government departments and critical infrastructure firms face more risks every day and as such, should avoid using software that has origins in Russia.
He added that it is possible for Russia to access information stored by government agencies and critical infrastructure firms and hence, agencies must not choose Kaspersky Lab products in case it is assessed that access to the information by the Russian state would be a risk to national security.
Last year, the NCSC also launched an 'Active Cyber Defence programme' that, within a year, helped it block 54 million online attacks and take down 120,000 fake websites run by cyber criminals. The Centre said that thanks to the success of the programme, the UK’s share of global phishing attacks has plummetted and attackers have been forced to change their behaviour.
As part of the programme, NCSC had offered four new technologies- Web Check, DMARC, Public Sector DNS and a takedown service, to public institutions for free to help them defend against sophisticated phishing attacks and to stop public sector systems from veering onto malicious servers.
According to NCSC, the new programme helped it remove 121,479 phishing sites hosted in the UK and 18,067 hosted in the rest of the world that spoofed UK government websites. It also blocked a total of 515,658 fake e-mails from bogus ‘@gov.uk’ accounts.