BT Starts Sharing Details of Bad Websites and Software with UK ISPs
Telecoms operator BT has become the first broadband provider to launch a new collaborative online platform, which enables them to share information about malicious software and websites in a “secure and trusted way” with rival Internet Service Providers (ISP) across the United Kingdom.
BT says they can use this new platform to alert other broadband ISPs in the UK to any malicious domains associated with malware control, which it identifies via a threat intelligence system. The hope is that other providers will then start doing the same and thus by working together they will be more effective at keeping homes and businesses safe from internet nasties.
The new approach is a response to an initiative led by the National Cyber Security Centre (NCSC), which is working to help ISPs share related detection events. All of this has been outlined in the NCSC’s new report – ‘Active Cyber Defence – One Year On‘.
Mark Hughes, CEO BT Security, said:
“This is an important step in helping the Government achieve its aim of making the UK the safest place to live and do business online. We believe that only by working together with Government and the rest of the telecommunications industry can we collectively succeed in stemming the tide of cyber-crime. That’s why we’re urging other ISPs to join us in sharing threat information in a more open and collaborative way.
We’ve been taking a more proactive and automated approach to blocking malicious code and harmful website content on our infrastructure for some time, in line with the NCSC’s Active Cyber Defence strategy. This allows us to mitigate a high volume of cyber threats before they have a chance to take hold and impact our customers. By sharing our malware data, we’re empowering other ISPs to provide their customers with the same level of protection, should they choose to take action.”
So far BT claims to have identified and shared over 200,000 malicious domains since initiating the sharing of threat information at the end of last year. Meanwhile BT’s global team of more than 2,500 cyber-security experts are said to be preventing the delivery of 50 million malicious emails, with 2,000 unique malicious attachments, every month.
A number of ISPs already offer website / DNS based network-level filtering systems that can block access to websites or emails with known security problems (malware / viruses etc.), such as TalkTalk, and so could in theory benefit from this approach.
On the other hand a lot of ISPs have built their own filtering systems with commercial partners, which will already have access to similar data. Granted working together may deliver a more effective outcome, although it’s difficult to know how big of a difference it might actually make as there will surely be a lot of overlap (spotting the same bad sites etc.).
However ISP level restrictions are also easy to bypass, although we tend to assume that people who circumvent such filters will also have enough knowledge to ensure that they are keeping their connected devices secure (e.g. firewalls, anti-virus with web filtering etc.).
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on X (Twitter), Mastodon, Facebook and Linkedin.
« UK Satellite Operator Inmarsat Says European Aviation Network is GO
Latest UK ISP News
- FTTP (5511)
- BT (3514)
- Politics (2535)
- Openreach (2296)
- Business (2260)
- Building Digital UK (2243)
- FTTC (2042)
- Mobile Broadband (1972)
- Statistics (1788)
- 4G (1663)
- Virgin Media (1619)
- Ofcom Regulation (1460)
- Fibre Optic (1393)
- Wireless Internet (1389)
- FTTH (1381)
So another take could be:-
Big businesses decide, in secret, to compile list of websites they don’t like and stop people from accessing them.
WITHOUT any judicial oversight.
So we have a system where the big businesses decide what is good for everyone based on their own secret criteria and agenda.
Sounds scary when you look at what could be done with said system.
ISP systems that block websites at the network-level, due to malware content, tend to be optional to enable. So you have the choice.
You made something up, then said how scary it sounds.
I didn’t make up anything.
BT have created a scheme without any legal oversight that will be used to block sites that they alone consider to be “malicious”. No criteria given nor recourse to remove websites which aren’t.
BT want other ISPs to use it and for the other ISPs to give them lists of “malicious” websites too. Again no legal oversight and BT will trust implicitly that any website named by the other ISPs are indeed malicious.
If others cannot see what is wrong with this and why it is scary then god help the world.
So by are not doing anything different from BlueCoat, SpanHause or any other list curators out there. You’ll be complaining about antivirus, anti malware and firewalls next for blocking stuff without your prior knowledge or consent.
Snarky comments aside, you do have a point but I don’t think it’s as bad as you make out considering that other companies already produce reputation lists that others often pay to use.
Totally Agree!
Totally agree with occasionally factual (sorry missed that out!)
@Chris P
I’m not saying that protecting oneself and trusting organisations is a bad thing in general but we have to ensure that we don’t move into an area where big businesses effectively control what we can see/do with no recourse to a legal framework.
It is bad enough that the State can do that without letting businesses in on the act.
“Eternal vigilance is not only the price of liberty; eternal vigilance is the price of human decency.” A. Huxley
@occasionally factual
That ship sailed a long time ago.
Services like open dns provide similar things, as do browsers like chrome, don’t forget the uk courts insist that ISP’s block certain bit torrent search engines and other sites have been wrongly banned too. Apple browsers also have lists of bad sites it will restrict your access to. No one is really complaining about the current restrictions.
I do see your point but your about 20 years too late and no one seems to mind the current restrictions.
I’d like to offer my help to BT for free. Change default DNS to 9.9.9.9 and add blackhole routing on your edge routers using following lists:
https://ransomwaretracker.abuse.ch/downloads/RW_IPBL.txt
https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level1.netset
http://malc0de.com/bl/IP_Blacklist.txt
remember to update them daily!
You don’t think an ISP might run its own DNS platform?
Of course they can run their own DNS. I’d like to simplify thy process for BT.