Police CyberAlarm - Monitor and Report Suspicious Cyber Activity
A new free tool, provided by your local police force and funded by the Home Office, to help your business or organisation monitor and report the suspicious cyber activity it faces.
Background
Police CyberAlarm is an award-winning free tool, provided by your local police force and funded by the Home Office, to help your business or organisation monitor and report the suspicious cyber activity it faces. Since Police CyberAlarm launched it has identified over a billion suspicious events resulting in reports and advice being given to members, enabling them to take action to prevent a successful attack. Police CyberAlarm will detect and provide regular reports of suspicious cyber activity and vulnerabilities enabling your business or organisation to identify and mitigate its cyber risks.
How it Works
As a member, Police CyberAlarm is a free tool to help you understand and monitor malicious cyber activity against your network. This service is made up of two parts: monitoring and vulnerability scanning. Police CyberAlarm will detect and provide regular reports of suspicious cyber activity, enabling your business or organisation to identify and take steps to minimise your vulnerabilities. The data collected by the system only contains summary information (metadata and header information) about communications your business or organisation receives from the internet. The system is designed to protect personal data, trade secrets and intellectual property. Once you become a Police CyberAlarm member you install a virtual or physical ‘Police CyberAlarm Collector’ on your network, which will be used to collect and process traffic logs to enable the identification of suspicious and malicious activity from any of your firewall/internet gateway, Network Intrusion Detection/Prevention system (IDS/IPS), Network Anti-Virus and Anti-Spam filters. Police CyberAlarm is a monitoring system and does not interfere with normal network operations. There are two ways to install the data collector, and both are easy to do.
Benefits to Member Organisations
Members who choose to join the Police CyberAlarm scheme share logs from their gateway security devices which contain details of requests that they receive from the Internet from which data relating to suspicious activity can be identified and extracted. In addition to logs of suspicious activity, member organisations may choose to have their website URLs and external IP addresses scanned for vulnerabilities. In exchange for securely sharing these data with Policing, the member will receive multiple benefits.
Functions and Capabilities
Police CyberAlarm identifies and analyses suspicious data that is being sent to your systems by sources on the Internet. Your business or organisation receives thousands of these probes and attacks every day and will have network security devices that protect your systems from these requests; these devices are what Police CyberAlarm monitors. When a data item (for example a file or email) is sent across the Internet it is broken down into thousands of tiny “packets” that can be transmitted. Once received, these tiny packets are then combined to rebuild the original item. Security devices can be divided into 2 categories: those that analyse the tiny packets; and, those that rebuild the original item and inspect it. In order to provide complete monitoring for suspicious data Police CyberAlarm can monitor systems in both categories, including the following systems.
Who can use Police CyberAlarm?
To register to become a Member of Police CyberAlarm you will require the following.
- A standalone firewall
- An Information Commissioner’s Office (ICO) Number
- Be responsible for the data which you are sharing
- Have a virtual or physical machine with 2GB RAM 2CPU Cores and 25GB HDD