SPOOKS - CYBER ATTACK
Well I’ll be damned – if the subject of my last blog wasn’t the central theme to last nights episode of Spooks – CYBERWAR. (To those who live outside the UK – Spooks is a very popular TV series about the goings on of a key team inside MI5 who spend their time thwarting terrorist attacks on the UK – while engaging in risqué amorous trysts on the side ).
And so last night we had the Russians and the Chinese –(working together !!) – ganging up on MI5 by infiltrating ( hacking ) their ‘secure’ internal network. Whether the events portrayed were within the bounds of possibility or credibility who knows? But if teenagers can break into the Pentagon – then I am sure that Russian/Chinese expert hackers can probably do something along the lines of infiltrating a UK Govt ‘Spooks’ departments network. Either way it constituted an attack on British soil by foreign ‘combatants’ – which ( if it were true ) would have been a first since the Normans in 1066.
So we saw how vulnerable a so-called secure Government unit can be. Taken down by determined cyber warriors, it demonstrates that perhaps we should all be taking cyber attacks, online fraud, ID theft etc a little more seriously.
There is little doubt that security, on the Web, in the Cloud, on private networks, and on public networks - has got to be one of the most critical areas for businesses ( large and small ), for Government and all Public sector enterprises ranging from the Health Service to the internal revenue service, to better understand and to address through the deployment of strong and secure solutions.
Allowing your users / customers access to your site/application/ networks and by allowing their data to be trafficked in and around this same site/app/network places a great burden of responsibility on the shoulders of those who deliver such services. The regulators have cottoned on to this, hence the beefing up of the Data Protection Act earlier this year. But is it enough?
Identity Access Management solutions which address issues of trust and privacy and allow for safe secure transactions / communications to take place between parties - have got to be in high demand. Such solutions should be secure, affordable, scalable ( very important ), convenient and be deployed with minimal vendor input. SAAS products would appear to offer the most compelling solutions and these should be explored. There are lots of new and exciting companies out there that provide such services. Check them out. One example springs to mind – www.liveensure.com.
Keep safe.
http://www.geek.com/articles/news/firesheep-firefox-add-on-allows-simple-http-session-hijacking-20101025/
ReplyDeletehey thanks for this reference. This is exactly what I am talking about !!
ReplyDelete