New Early Warning service to help defend against cyber attacks

The National Cyber Security Centre (NCSC) has launched a new online service which alerts organisations to potential cyber attacks affecting their networks

The Early Warning service uses a variety of information feeds from the NCSC, as well as trusted public, commercial and closed sources, to deliver several types of threat information:

• incident notifications - activity that suggests an active compromise of your system (eg your IP address has been involved in a DDOS attack)
• network abuse events - indicators that your assets have been associated with malicious activity (eg a client on your network is part of a botnet)
• vulnerability alerts - indications of vulnerable services running on your assets (eg you have a vulnerable port open)

Businesses can subscribe to the service free of charge. Once subscribed, you can receive two types of alerts:

• daily threat alert - this includes incident notifications and network abuse reports
• weekly vulnerability alert - this includes vulnerability and open ports alerts

You can use this information to investigate malicious activity and take the necessary steps to protect your organisation.

Early Warning is open to all UK organisations who hold a static IP address or domain name.

Find out how the service works and how to register.

The Early Warning notification service is designed to fit into your business' wider cyber security strategy and to add another layer of defence to your existing security controls.

Further advice and guidance is available to help you strengthen cyber security for your business and protect your business online.

First published 17 May 2021