Public Services > National Security

GCHQ wants to cook up ‘Great British Firewall'

David Bicknell Published 14 September 2016

Flagship project being mooted would provide automated defence with ISPs ‘blocking’ their customers from coming into contact with malware; current cyber defence "not, yet, good enough"


GCHQ is looking to create what has already been dubbed “the Great British Firewall” to provide protection against hackers.

The idea has emerged at a conference in Washington in a speech by the director general of cyber at GCHQ, Ciaran Martin, who is also head of the National Cyber Security Centre.

In his speech to the Billington Cyber Security Summit, Martin said, “We're exploring a flagship project on scaling up DNS filtering: what better way of providing automated defences at scale than by the major private providers effectively blocking their customers from coming into contact with known malware and bad addresses?

“Now it's crucial that all of these economy-wide initiatives are private sector led. The Government does not own or operate the Internet. Consumers have a choice. Any DNS filtering would have to be opt out based. So addressing privacy concerns and citizen choice is hardwired into our programme.”

In his speech, Martin outlined the scale of the security problem.

“The great majority of cyber attacks are not terribly sophisticated. They can be defended against. And even if they get through their impact can be contained. But far too many of these basic attacks are getting through. And they are doing far too much damage.

He said, “They're damaging our major institutions. A British telco hit the headlines last year and the initial speculation was around a highly sophisticated attack but it is now believed to have been an SQL injection, a basic technique dating from the end of the last century.

“65% of all large UK companies reported a breach in the last year. And our local media in the UK is full of painful stories of small businesses, lovingly built up, struggling to survive and maintain the confidence of their customers after a ransomware attack.

“Now these attacks aren't carried out by APTs. My technical director, Dr Ian Levy, who's an expert of global standing with a fine turn of phrase, he likes to call them APTs, but he also likes to call them something else: Adequate, Pernicious Toerags.

“But whatever term we use for them, they're doing a lot of harm and in terms of defending against them we are not, yet, good enough.”

More to follow


We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.