Police CyberAlarm for East Sussex businesses
SEROCU & Surrey and Sussex Cyber Crime Unit is offering the free tool to local businesses and organisations, helping to increase the national network of Police CyberAlarm members. The data collected will help law enforcement identify current threats and take enforcement action against cyber criminals, as well as boosting the cyber resilience of these local businesses and organisation.
The enhanced version of Police CyberAlarm works alongside an organisation’s current cyber security products, such as the firewall, Network Intrusion Detection System (IDS) and Intrusion Protection System (IPS), Anti-Spam and Network Anti-Virus to help members better understand the cyber threats they face.
Data received by the Police CyberAlarm Server is then used to create regular reports on potential malicious activity seen by individual members as well as reports containing threat trends seen across the member network. Members can then use this reported intelligence to update their defences to better protect themselves from cyber threats.
Vulnerability Scanning can be added and used to scan an organisations website and external IP addresses, providing regular reports of all known vulnerabilities.
In essence, CyberAlarm acts as a ‘CCTV camera’ for your internet traffic, by vulnerability scanning and providing regular reports directly to your organisation of any suspicious activity, trends, or cyber attacks. The data sent only includes metadata (logs) relating to the suspicious activity from internet facing gateways such as Firewalls and does not contain any content of the traffic. It is purposely designed to protect personal data, trade secrets and intellectual property.
Since launch, Police CyberAlarm has identified over a billion potential suspicious events resulting in reports and advice being given to members, enabling them to take action to prevent a successful attack.
In one case Police CyberAlarm detected a UDP amplification attack, a very potent attack method that turns an organisation’s own equipment against it, causing the member organisation infrastructure to attack itself. Working with the Police CyberAlarm team, the member was able to mitigate the effects of the attack stopping it from having any effect on its network.
As well as the data collected by Police CyberAlarm helping members to better protect themselves, the information gathered also helps regional and force cybercrime teams to build a much better understanding of the scale, types and clusters of cyber threats being aimed at members across England and Wales. Policing has been able to use the information collected to enable the local and regional cybercrime teams to proactively warn members of new emerging, recent and zero-day threats.