Supporting the world in cyber space

An unchartered path

We are working away in the background, as many of you can probably imagine, there are a huge rang of logistical challenges in our path. Healthcare (and other sensitive/critical services) is not somewhere where we can just rock up and start jumping on systems and networks, even just organisationally and from a comms point of view the challenges aren’t small. We want to make sure that as a group we can help no matter where we are.

A Force for Good

To this end we are formulating ideas for initiatives whereby we can support our healthcare services from an internet perspective.

Our thinking in this space is along these lines:

  • Phishing Reporting
  • Malware Analysis
  • OSINT/Threat Intelligence
  • Malicious Website Takedowns
  • COVID19 ‘Opportunity Abuse’
  • Social Media Amplification
  • Creation of helpful content around good cyber security guidance
  • Sharing of useful resources and trusted services

We are taking a cautious approach with how we enable this group, we are doing a huge amount of work talking with partners, volunteers and technical solution providers, but we also MUST ensure that the work we do is conducted inline with our mission to HELP (not hinder)! We’ve put together a code of conduct to help support this!

If anyone has any suggestions for other ways we can support, please get in touch with the team on the LinkedIn group.

Active Defences – Protective DNS

Introduction

The NCSC provide a range of services for public organisations (such as the NHS). Part of these include active defence services. One of these is protective DNS!

Protective DNS

Protective DNS acts as a sink holing mechanism to help prevent an unsuspecting web user from visiting a malicious site (such as a phishing site or one hosting malware). Well what’s that?

So DNS acts as an address book, you enter a URL e.g. www.google.com and your device does a look up to its name server, if the address exists it will return back a valid response. Now protective DNS is where rather than forwarding your requests to raw internet DNS servers, we use a managed service which has a constantly updated list of known malicious sites, etc. That way, if you try and visit a bad site, you get given a safe address and your device doesn’t even get there! Now my explanation here is really simple, it’s a bit more complex in reality. Luckily the team at NCSC have written up a far more in depth view of this.

https://www.ncsc.gov.uk/information/pdns

If you are a public organisation hopefully you’ve already got this and a load of other controls deployed, however I wanted to highlight this again, as if you are a public sector organisation you can request and leverage this as one of the ways to help prevent the impact of phishing and typos, etc. (I typo all the time!)

For those of you who are operating at a personal or business level, there are a range of commercial and free services available such as:

https://www.opendns.com/

https://www.quad9.net/

Another line of defence

So, no matter how big or small your organisation is, and if it is public or private you can implement protective DNS as one of the many controls required to keep you safe from cybercriminals. Remember, you need a layered approach to cyber security and protective DNS is just one of those that can be a great way to fight back!

Building the right foundations

In response to the initial concept we have had a huge level of response from volunteers. We do however realise that in order to be effective we need to have some structure and need to do a level of planning at the backend to ensure the following:

  • Healthcare providers are aware of the intent.
  • Healthcare providers know how to request support
  • That there is the appropriate processes and procedures in place to put HC providers in contact with volunteers

This list isn’t exhaustive, there are lots of things to consider when setting up a volunteer organisation, so please bear with us. We are in talks with both healthcare providers and government agencies to make sure we get this off on the right foot, that we have a suitable structure and that ultimately we can all help support our great healthcare providers in a manner which gives them the help and support they need, in the manner they need it.

Please bear with us as we develop and grow this, we are trying to move at pace but also ensure we focus on our primary objective of delivering actionable support to healthcare, we already are working with NHS trusts.

In the meantime we ask that people join our LinkedIn group whilst we co-ordinate across healthcare providers, volunteers, vendors and various agencies.