Businesses are being encouraged to sign up to a free ‘cyber alarm’ service that has detected over a billion online suspicious events.
Police CyberAlarm is designed to support organisations who are part of the scheme to understand and monitor malicious cyber activity.
Members receive regular threat reports showing suspicious and potentially malicious attack activity on their firewall and internet gateway.
The report also details how the business is being attacked and from where, in order that they can improve their cyber resilience.
Vulnerability scanning can be added and used to scan an organisation’s website and external IP addresses, providing regular reports of all known vulnerabilities.
Launched in 2020 by the National Police Chief’s Council (NPCC) Cybercrime Programme – a Home Office funded initiative – the scheme is being supported in Scotland by the national force.
CyberAlarm also assists Police Scotland officers identify current threats and take enforcement action against cybercriminals and benefit any public and private sector business with a computer network, including SMEs, organisations, charities, education establishments and local government.
Chief Superintendent Conrad Trickett said: “People and businesses are spending more and more time online and it is almost impossible to trade without a computer network or website.
“The threat from cybercriminals is now ever present and Police Scotland’s priority is to keep everyone safe, and that incudes in the digital world. This is even more important with criminals continuing to use any method at their disposal to exploit vulnerabilities
“Cyber security should be a priority for every business. There has never been a more appropriate time to make use of any system that can make them more cyber resilient.
“I would urge businesses to take the opportunity to sign up to the Police CyberAlarm scheme.”
The software is provided by third party cybersecurity vendor, Pervade. Since its launch, Police CyberAlarm has identified over a billion potential suspicious events resulting in reports and advice being given to members, enabling them to take action to prevent a successful attack.
In one case Police CyberAlarm detected a UDP (user datagram protocol) amplification attack, a very potent attack method that turns an organisation’s own equipment against it, causing the member organisation infrastructure to attack itself. Working with the Police CyberAlarm team, the member was able to mitigate the effects of the attack stopping it from having any effect on its network.
In another case a company, which was not a Police CyberAlarm member, fell victim to a ransomware attack which forced it to shut down business critical systems. After contacting the police, Police CyberAlarm was installed immediately by the company, which was able to identify the method of the attack, which was communicated to the company to allow it to close the vulnerabilities that existed. The company’s next Police CyberAlarm report indicated that almost 1.3 million attempts to gain access had been made in the week after the attack.
Justice secretary Angela Constance said: “Improving cyber resilience remains a key priority for the Scottish Government. As a nation of small and medium sized companies, we work with partners, including Police Scotland, to raise awareness and support organisations to improve their cyber defences, which is key to their operational and business continuity.
“As a free digital tool, I would encourage businesses to sign up to Police CyberAlarm. The technology helps firms understand the risks they face online and assists Police Scotland to work with organisations so they can prepare to respond to cyber-attacks effectively. We want to make the most of technological advances while keeping Scotland digitally safe and secure.”
However, the platform has also been on the receiving end of some criticisms from an independent security researcher, who performed an analysis of the service. Paul Moore claims he has identified flaws in the platform, which could cause potential vulnerabilities for businesses. The claims made national trade press news and led to claim and counter claim between Moore – who continues to criticise the platform – and the NPCC, as well as Pervade, the vendor.
A spokesperson for the National Cyber Crime Programme, which oversees Police CyberAlarm, said: “The Police CyberAlarm system is safe for organisations to install and operate. It has been robustly tested internally by qualified security specialists, as well as undergoing 10 reviews by independent highly qualified CHECK / CREST certified organisations, all well regarded within the industry.
“Police CyberAlarm has helped to alert and protect members from numerous vulnerabilities and threats, examples of which can be found on the PCA website.
“As is good practice, Police CyberAlarm operates a responsible disclosure page where any of the information security community can highlight any areas of improvement with the system responsible disclosure page
“There has been no evidence of any security issues from any of our member organisations running Police CyberAlarm since its inception. As with any software, regular updates are made to continue to improve security, but our members can be assured that Police CyberAlarm is safe and secure for organisations to install and use.”