Great British Block-Off: GCHQ floats plan to share its DNS filters
Plan calls for ISPs to sign on for attack blocking system
Officials with GCHQ are said to be mulling a plan that would extend the UK government's network security tools to private-sector ISPs.
GCHQ director general for cyber security Ciaran Martin has been in Washington, DC, pitching the plan to arm the ISPs with firewall updates aimed at blocking off known bad actors.
The project, said to be part of the new National Cyber Security Centre (NCSC) headed up by Martin, is aimed at protecting businesses from attacks by sealing off those addresses previously associated with attacks.
This will allow the public to be protected from malware or state-sponsored attacks that have already been spotted by GCHQ. Though characterised in press reports as another "Great Firewall," the project appears to be almost entirely focused on catching cyber attacks, rather than gathering intelligence or censoring content.
The plan is said to be in its early phases, with no actual announcement or rollout imminent. Reports note that the firewall protections would be opt out, letting members of the general public disable the filters if they so choose.
Set to launch later this year, the NCSC will serve as a hub for GCHQ and other government agencies, to link up with private sector companies and those in the general public. They will share best practices and provide alerts for security threats that could be targeted at industry and businesses that are likely targets for attack by hackers working on behalf of foreign governments.
As the BBC notes, the DNS filtering plan was one of several projects Martin outlined. Other efforts described methods of speeding up incident response, catching fraud activity online, and protecting connected devices such as smart meters. ®