10 Oct 2023
by David Carroll

How PDNS is creating resilience in the UK public sector

Guest blog by David Carroll, Managing Director at Nominet Cyber #techUKCyber2023

With the risk of UK cyber attacks on the rise, protecting public sector organisations from digital harm has never been more important. Fortunately, there are an increasing number of safeguards available, which can be put in place to prevent malicious actors from disrupting vital public services.

The Active Cyber Defence (ACD) programme is one such initiative, developed by the UK’s National Cyber Security Centre (NCSC) with the ultimate aim of protecting the public sector. The programme seeks to ‘protect the majority of people in the UK from the majority of the harm caused by the majority of the cyber-attacks the majority of the time’ (NCSC). The Protective Domain Name Service, known as PDNS, forms a key part of the ACD initiative.

The UK’s National Cyber Security Centre (NCSC) and Nominet – the .UK registry since 1996, who have harnessed expertise in national scale DNS to protect public services from cyber threat – are protecting the UK’s digital ecosystem with PDNS. Here’s how.

Introducing PDNS: A defence exclusive to the public sector

Nominet runs the Protective Domain Name Service (PDNS) on behalf of the UK’s National Cyber Security Centre (NCSC) to protect vital public services. In the face of geopolitical change and technological advancements, the value of PDNS is significant and wide reaching.

PDNS is a proactive approach to cyber security that helps public sector organisations protect sensitive data, critical systems, and infrastructure – uplifting the country’s overall cyber posture.

The public sector is complex, with organisations of varying size and differing cyber maturity levels. PDNS offers protection across the board no matter who you are – from central government and local councils to NHS trusts, social housing providers and more.

PDNS can be easily implemented as part a wider cyber security strategy and adds an additional layer of digital protection within public sector organisations for peace of mind.

What is PDNS and how does it work in practice?

The internet’s Domain Name System (DNS) behaves as a directory containing domain names and associated IP addresses – similarly to the way an address book contains contact names and addresses. Every time a user enters a web address into their browser, their computer uses DNS to translate the site’s domain name into an IP address (represented as a number).

As well as user-initiated actions like visiting a website, DNS plays a key role in everyday machine-initiated functions, such as loading software updates. However, when misused by malicious actors, DNS can unfortunately also play a part in distributing and operating malware to unsuspecting victims.

PDNS was built to hamper the use of DNS for malware distribution and operation. PDNS prevents access to malicious domains by simply not resolving them – preventing malware, ransomware, phishing attacks, viruses, malicious sites and spyware from causing harm in the public sector. The block list is curated and refined using NCSC’s intelligence, third-party information and Nominet’s own threat research for new and emerging threats.

Whilst PDNS still fulfils its initial brief as a blocking capability, it also provides the NCSC with a holistic view of the entire UK public sector’s threat landscape. The PDNS service also includes roaming capability to protect public sector organisations no matter where employees are based.

The benefits of PDNS in the public sector

The benefits of PDNS for public sector organisations include:

  • Blocks malware and malicious sites (including ransomware and spyware)
  • Provides dashboard and data logs, enabling customers to monitor network status
  • Subject matter expertise from NCSC and Nominet (where appropriate)
  • It’s a free service – centrally funded by the NCSC to protect vital public services

Watch the video: The NCSC’s Protective Domain Name System (PDNS)

The story so far: How PDNS is protecting vital UK public services

At present, PDNS is helping to protect over 1,200 UK organisations (and counting) from the risk of cyber attack (Active Cyber Defence: The Sixth Year, NCSC).

Figures from the NCSC reflect the impact of PDNS on the public sector. In 2022, PDNS handled a staggering 0.81 trillion DNS queries and blocked 11 billion DNS queries for 420,000 domains to help keep the UK’s public sector safe from malicious activity. PDNS is evolving thanks to ongoing threat research and analysis to better protect UK government against the threats we see specifically targeting these organisations.

The top threats public sector organisations face includes malware, command and control (C2), phishing and malicious code – all of which PDNS can successfully block to prevent harm. PDNS also makes a significant contribution to protecting the UK from ransomware, blocking five million requests for domains associated with this threat in 2022.

PDNS in times of national crises

PDNS has proven to be an invaluable defence during high profile events.

When SolarWinds Orion’s software supply chain was compromised, PDNS was a primary data source for analysis and critical to informing NCSC’s situational awareness and response. PDNS’ broad view of DNS activity across the UK public sector enabled NCSC analysts to rapidly measure how many public bodies were affected, plan remediation efforts and provide assurance to those unaffected.

In 2020, during the height of the pandemic, the NHS and the Health and Social Care Network (HSCN) were rapidly onboarded to PDNS for the first time, safeguarding the UK’s most vulnerable organisations during an unprecedented global crisis. The majority of NHS organisations are now protected by PDNS, providing the NCSC with an entire view of a critical set of networks.

Securing a safe future in the UK public sector and beyond

The digital landscape is constantly evolving, and with new advancements in technology come new cyber threats. Taking a proactive approach to cyber security is the best preventative measure.

Public sector organisations can take advantage of PDNS to bolster their digital security defences, preventing malicious activity from disrupting vital public services.

PDNS is a free cyber security service funded by the NCSC and implemented by Nominet. You can find out more about the service and how to register for PDNS here (NCSC website).


techUK’s Cyber Security Week 2023 #techUKCyber2023

The Cyber Programme team are delighted to be hosting our annual Cyber Security Week between 9-13 October.

Click here to read all the insights

Join us for these events!

11 October 2023

Cyber Innovation Den 2023

Central London Conference

Cyber Security Programme

The Cyber Security Programme provides a channel for our industry to engage with commercial and government partners to support growth in this vital sector, which underpins and enables all organisations. The programme brings together industry and government to overcome the joint challenges the sector faces and to pursue key opportunities to ensure the UK remains a leading cyber nation, including on issues such as the developing threat, bridging the skills gap and secure-by-design.

Learn more

Join techUK's Cyber Security SME Forum

Our new group will keep techUK members updated on the latest news and views from across the Cyber security landscape. The group will also spotlight events and engagement opportunities for members to get involved in.

Join here

Upcoming Cyber Security events

Cyber Security updates

Sign-up to get the latest updates and opportunities from our Cyber Security programme.

 

 

 

 

Related topics

Authors

David Carroll

David Carroll

Managing Director, Nominet Cyber