BT to share malware data with rival ISPs to curb cyber crime

BT developed collaborative malware intelligence system following intervention from NCSC

BT has begun sharing data about malicious software and websites with rival internet service providers in a bid to cut down on cyber crime affecting users and its services.

The company, which offers connectivity under both the BT and Plusnet brands, claims to be the world's first telco to share such information with competitors and is urging other broadband firms to take similar steps.

BT has created a free-to-use collaborative platform where ISPs can access its threat intelligence data. It said the move will "protect consumers and businesses from the global cyber-crime industry".

It said that the platform was developed in "direct response" to an initiative from National Cyber Security Centre (NCSC) encouraging communications firms to share malware threat information.

Under the initiative, BT will alert rivals about "any malicious domains associated with malware control" that it identifies using its threat intelligence capabilities.

Networks will be able to exchange detections in real time

As a result, ISPs ought to be better placed to "choose whether to take any action to protect their customers by blocking such harmful malware", said BT.

Since the end of last year, BT's global team of 2,500 cyber security experts claim to have identified and shared more than 200,000 dodgy website domains.

They are "currently preventing the delivery of 50 million malicious emails with 2,000 unique malicious attachments every month". BT said these numbers translate into 20 malicious emails every second.

BT added that it has been consulting the government's Active Cyber Defence Strategy and tapping into DNS technologies in a bid to automatically block malware.

Mark Hughes, CEO of BT Security, said that being open about threats is "an important step in helping the government achieve its aim of making the UK the safest place to live and do business online".

He continued: "We believe that only by working together with government and the rest of the telecommunications industry can we collectively succeed in stemming the tide of cyber-crime.

"That's why we're urging other ISPs to join us in sharing threat information in a more open and collaborative way."

Dr Ian Levy, technical director for the NCSC, praised BT's move. He said: "This is a fantastic initiative that will help provide broader protection of cyber threats facing the UK.

"Networks will be able to exchange detections in real time so that UK citizens can be protected by their ISP by default and for free, as part of the National Cyber Security Centre's Active Cyber Defence programme.

"This unprecedented level of sharing and exchange will have a positive impact across the whole security community by helping us to collectively understand our adversaries and reduce the impact of cyber attacks."