Ciaran Martin, the director general of cyber at GCHQ said Plans are being made by the UK’s surveillance agency, GCHQ, to create a national firewall that will protect against cybersecurity threats.
Martin made this revelation at the Billington Cybersecurity Conference in Washington on Tuesday. Far too many unsophisticated cyber attacks are succeeding, warned Martin, and a new more pro-active cybersecurity strategy is the best solution.
“We’re exploring a flagship project on scaling up DNS filtering. What better way of providing automated defenses at scale than by the major private providers effectively blocking their customers from coming into contact with known malware and bad addresses?” Martin Said.
About 200 cyber security incidents are detected every month but that this number is growing, with double the amount of threats identified compared to a year ago, Martins said.
“The great majority of cyber-attacks are not terribly sophisticated. They can be defended against. And if they get through their impact can be contained. But far too many of these basic attacks are getting through. And they are doing a lot of damage,” said Martin.
The main objective of the project would be to protect government sites and any other industries which are possible risks to national security. There are also plans to extend the firewall protection to any major private companies that express interest in using GCHQ’s expertise in the area, with hopes that the major broadband providers will help manage the filtering process.
“It’s crucial that all of these economy-wide initiatives are private-sector led. The government does not own or operate the internet,” said Martin. “Consumers must have a choice. Any DNS filtering would have to be opt out-based. So addressing privacy concerns and citizen choice is hardwired into our program.”
Privacy groups have already expressed concern at the prospect, saying they were worried that it could be used to deny freedom of speech, with the government potentially able to designate sites they disapprove of as malware.
“Even if we trust ISPs and governments not to abuse their extending powers of censorship, we ought to be worried that GCHQ is proposing at least one security measure which undermines international efforts to improve the integrity of the internet and thereby its security,” wrote Jim Killock, executive director of the Open Rights Group, as he pointed out what he considers several flaws.
“There are a number of problems with this approach. Privacy and logging are one; but so is the collateral damage that comes from DNS blocking. Phishing tends to abuse URLs rather than whole sites, so the impact of blocking entire sites can sometimes be huge,” argued Killock.
It’s still early stages yet, and it is not yet clear how far along GCHQ is in this objective.