§ The Earl of Northeskasked Her Majesty's Government:
What action they have taken to protect government websites from the BadTrans virus. [HL2354]
§ The Lord Privy Seal (Lord Williams of Mostyn)Since November 2001 the Government Secure Intranet (GSI) provides a single virus checking service for e-mail coming into government. This scans all e-mails, identifying suspect items as potential viruses and preventing them being received (where traditional virus checkers would rely on regular updates to identify new viruses). This means that new viruses such as BadTrans are identified when they first appear, where other virus checkers would let them through. In the first two months, more than 22,700 viruses were prevented from reaching government departments and several instances of the BadTrans virus were stopped before it was even realised there was a threat. It is currently stopping one e-mail in every 250 received as containing a virus.
In addition, general guidance on the protection of public sector websites is provided by the Office of the e-Envoy in its Guidelines for the protection of government websites and in its Security Framework Policies. More detailed security guidance and advice are provided by the Communications Electronic Security Group at Government Communications Headquarters, Cheltenham, which is the national technical authority on such matters.
169WAIn the event of a particular electronic incident, such as the BadTrans virus, government departments are alerted to the threat and advised of remedial action by the National Infrastructure Security Co-ordination Centre and UNIRAS, its Unified Incident Reporting and Alert Scheme.