UK Early Warning service for Cyber Threats
![](https://ec.europa.eu/newsroom/repository/picture/2021-23/cyber4610993_12801_ggvqWqzSC7ktwU9oxp034A5L1U_70702.jpg)
date: 09/06/2021
See also: Website
A free online service which alerts organisations and CI owners to potential cyber threats affecting their networks has been launched by the National Cyber Security Centre (NCSC) in UK. The new Early Warning service is designed to help businesses defend against cyber attacks by providing timely notifications about possible incidents and security issues.
The service automatically filters through trusted threat intelligence sources to offer specialised alerts for organisations so they can investigate malicious activity and take the necessary steps to protect themselves. Organisations will receive different types of alert, covering possible network compromises; notification of how their assets have been associated with undesirable activity or about their networks running vulnerable services that may need updating.
Organisations will receive the following high level types of alerts:
- Incident Notifications – This is activity that suggests an active compromise of your system.
- Network Abuse Events – This may be indicators that your assets have been associated with malicious or undesirable activity.
- Vulnerability and Open Port Alerts – These are indications of vulnerable services running on your network, or potentially undesired applications are exposed to the internet.
The EW service uses a variety of information feeds from the NCSC, trusted public, commercial and closed sources. Early Warning filters millions of events that the NCSC receives every day and it correlates those which are relevant to the organisation into daily notifications via the Early Warning portal.
There are two types of alerts that will be sent when an alert is detected for a business:
- Daily Threat Alert - this includes Incident Notifications and Network Abuse Reports
- Weekly Vulnerability Alert - this includes Vulnerability and Open Port Alerts
The organisation can then use the information passed on by Early Warning to investigate the issue and implement appropriate mitigation solutions where required. The Early Warning service is designed to fit into an organisation’s wider defence strategy and to complement existing cyber security controls by adding another layer of defence.