UK defines Cyber DEFCON 1, 2 and 3, though of course doesn't call it that

Brits revamp cyber alert framework


The UK government has launched a new cyber attack categorisation that is designed to improve response to incidents – sadly it doesn't go up to 11.*

Categorisation into bands ranging from six down towards one (the most severe) will span the full range of incidents from localised attacks against individuals or SMEs up to "national cyber emergency".

New UK cyber attack categorisation system

Cyber DEFCON ratings

The NCSC said it has responded to more than 800 significant incidents since October 2016, and their incident responders will now classify attacks into six specific categories rather than the previous three.

The changes, which are effective immediately, are aimed at improving consistency around the incident response as well gearing the UK up towards making a better use of resources - ultimately leading to more victims receiving support.

The incident category definitions delineate what factors would happen to activate a specific classification, which organisation responds and what actions they would take.

Paul Chichester, the NCSC’s director of operations, told us: “This new joint approach, developed in partnership with UK law enforcement, will strengthen the UK’s ability to respond to the significant, growing and diverse cyber threats we face.

“The new system will offer an improved framework for dealing with incidents, especially as GDPR and the NIS Directive come into force shortly."

The framework encompasses cyber incidents in all sectors of the economy, including central and local government, industry, charities, universities, schools, small businesses and individuals.

Ollie Gower, deputy director at the National Crime Agency, added: “This new framework will ensure we are using the same language to describe and prioritise cyber threats, helping us deliver an even more joined up response.

“I hope businesses and industry will be encouraged to report any cyber attacks they suffer, which in turn will increase our understanding of the cyber threat facing the UK.”

Any cyber attack which may have a national impact should be reported to the NCSC immediately. This includes cyber attacks which are likely to harm UK national security, the economy, public confidence, or public health and safety. Depending on the incident, the NCSC may be able to provide direct technical support.

People or businesses suffering from a cyber attack below the national impact threshold should contact Action Fraud, the UK’s national fraud and cyber crime reporting centre, which will respond in accordance with the new incident categorisation.

Information processed by the new framework will ultimately be used to generate a more comprehensive national picture of the cyber threat landscape.

The announcement comes on the final day of NCSC’s flagship conference CYBERUK 2018. ®

Bootnote

Disappointingly, the newly introduced classification system doesn’t go up to 11. Nor does it have a hors category, like the most difficult mountain climbs of the Tour De France. Hors signifies climbs that are "beyond categorisation".

There’s no colour coding in the new system - so there’s no brown alert either.


Other stories you might like

  • How to keep a support contract: Make the user think they solved the problem

    Look what you found! Aren't you clever!

    On Call Let us take a little trip back to the days before the PC, when terminals ruled supreme, to find that the more things change the more they stay the same. Welcome to On Call.

    Today's story comes from "Keith" (not his name) and concerns the rage of a user whose expensive terminal would crash once a day, pretty much at the same time.

    The terminal in question was a TAB 132/15. It was an impressive bit of kit for the time and was capable of displaying 132 characters of crisp, green text on a 15-inch CRT housed in a futuristic plastic case. Luxury for sure, unless one was the financial trader trying to use the device.

    Continue reading
  • Apple kicked an M1-shaped hole in Intel's quarter

    Chipzilla braces for a China-gaming-ban-shaped hole in future results, predicts more product delays

    Intel has blamed Apple's switch to its own M1 silicon in Macs for a dip in sales at its client computing group, and foreshadowed future unpleasantness caused by supply chain issues and China's recent internet crackdowns.

    Chipzilla's finances were robust for the third quarter of its financial year: revenue of $19.2 billion was up five per cent year over year, while net income of $6.8 billion was up 60 per cent compared to 2020's Q3.

    But revenue for the client computing group was down two points. CFO George Davis – whose retirement was announced today – was at pains to point out that were it not for Apple quitting Intel silicon and Chipzilla exiting the modem business, client-related revenue would have risen ten per cent.

    Continue reading
  • How your phone, laptop, or watch can be tracked by their Bluetooth transmissions

    Unique fingerprints lurk in radio signals more often than not, it seems

    Over the past few years, mobile devices have become increasingly chatty over the Bluetooth Low Energy (BLE) protocol and this turns out to be a somewhat significant privacy risk.

    Seven boffins at University of California San Diego – Hadi Givehchian, Nishant Bhaskar, Eliana Rodriguez Herrera, Héctor Rodrigo López Soto, Christian Dameff, Dinesh Bharadia, and Aaron Schulman – tested the BLE implementations on several popular phones, PCs, and gadgets, and found they can be tracked through their physical signaling characteristics albeit with intermittent success.

    That means the devices may emit a unique fingerprint, meaning it's possible to look out for those fingerprints in multiple locations to figure out where those devices have been and when. This could be used to track people; you'll have to use your imagination to determine who would or could usefully exploit this. That said, at least two members of the team believe it's worth product makers addressing this privacy weakness.

    Continue reading

Biting the hand that feeds IT © 1998–2021