BT Starts Sharing Details of Bad Websites and Software with UK ISPs

Telecoms operator BT has become the first broadband provider to launch a new collaborative online platform, which enables them to share information about malicious software and websites in a “secure and trusted way” with rival Internet Service Providers (ISP) across the United Kingdom.

BT says they can use this new platform to alert other broadband ISPs in the UK to any malicious domains associated with malware control, which it identifies via a threat intelligence system. The hope is that other providers will then start doing the same and thus by working together they will be more effective at keeping homes and businesses safe from internet nasties.

The new approach is a response to an initiative led by the National Cyber Security Centre (NCSC), which is working to help ISPs share related detection events. All of this has been outlined in the NCSC’s new report – ‘Active Cyber Defence – One Year On‘.

Mark Hughes, CEO BT Security, said:

“This is an important step in helping the Government achieve its aim of making the UK the safest place to live and do business online. We believe that only by working together with Government and the rest of the telecommunications industry can we collectively succeed in stemming the tide of cyber-crime. That’s why we’re urging other ISPs to join us in sharing threat information in a more open and collaborative way.

We’ve been taking a more proactive and automated approach to blocking malicious code and harmful website content on our infrastructure for some time, in line with the NCSC’s Active Cyber Defence strategy. This allows us to mitigate a high volume of cyber threats before they have a chance to take hold and impact our customers. By sharing our malware data, we’re empowering other ISPs to provide their customers with the same level of protection, should they choose to take action.”

So far BT claims to have identified and shared over 200,000 malicious domains since initiating the sharing of threat information at the end of last year. Meanwhile BT’s global team of more than 2,500 cyber-security experts are said to be preventing the delivery of 50 million malicious emails, with 2,000 unique malicious attachments, every month.

A number of ISPs already offer website / DNS based network-level filtering systems that can block access to websites or emails with known security problems (malware / viruses etc.), such as TalkTalk, and so could in theory benefit from this approach.

On the other hand a lot of ISPs have built their own filtering systems with commercial partners, which will already have access to similar data. Granted working together may deliver a more effective outcome, although it’s difficult to know how big of a difference it might actually make as there will surely be a lot of overlap (spotting the same bad sites etc.).

However ISP level restrictions are also easy to bypass, although we tend to assume that people who circumvent such filters will also have enough knowledge to ensure that they are keeping their connected devices secure (e.g. firewalls, anti-virus with web filtering etc.).