Question to the Department for Digital, Culture, Media & Sport:

To ask Her Majesty's Government what steps they are taking to support (1) small, and (2) medium, sized telecommunications providers in mitigating Distributed Denial of Service attacks.

Distributed Denial of Service (DDoS) attacks are a well-known type of cyber attack, used by a range of attackers against a range of targets across the world. The National Cyber Security Centre (NCSC) has published guidance to help organisations understand and mitigate this type of attack. The NCSC can also work with organisations affected by DDoS attacks to provide the necessary advice and support, and victims can refer incidents to the National Crime Agency for consideration of a criminal investigation.

More widely, the Government is committed to ensuring the security and resilience of the UK’s telecommunications networks and services. That is why we introduced the Telecommunications (Security) Bill which will establish a new telecoms security framework, including new duties and requirements on public telecommunications providers to identify and prevent the risk of a wide range of security compromises, such as those resulting from DDoS attacks. Small and medium-sized telecommunications providers will be subject to those duties and requirements.