SPOOKS - CYBER ATTACK


Well I’ll be damned – if the subject of my last blog wasn’t the central theme to last nights episode of Spooks – CYBERWAR.   (To those who live outside the UK – Spooks is a very popular TV series about the goings on of a key team inside MI5 who spend their time thwarting terrorist attacks on the UK – while engaging in risqué amorous trysts on the side ). 

And so last night we had the Russians and the Chinese –(working together !!) – ganging up on MI5 by infiltrating ( hacking ) their ‘secure’ internal network.    Whether the events portrayed were within the bounds of possibility or credibility who knows?    But if teenagers can break into the Pentagon – then I am sure that Russian/Chinese expert hackers can probably do something along the lines of infiltrating a UK Govt ‘Spooks’ departments network.    Either way it constituted an attack on British soil by foreign ‘combatants’ – which ( if it were true ) would have been a first since the Normans in 1066. 

So we saw how vulnerable a so-called secure Government unit can be.   Taken down by determined cyber warriors,  it demonstrates that perhaps we should all be taking cyber attacks, online fraud,  ID theft etc a little more seriously.

There is little doubt that security, on the Web, in the Cloud,  on private networks, and on public networks  - has got to be one of the most critical areas for businesses ( large and small ),  for Government and all Public sector enterprises ranging from the Health Service to the internal revenue service,  to better understand and to address through the deployment of  strong and secure solutions. 

Allowing your users / customers access to your site/application/ networks and by allowing their data to be trafficked in and around this same site/app/network places a great burden of responsibility on the shoulders of those who deliver such services.   The regulators have cottoned on to this, hence the beefing up of the Data Protection Act earlier this year.   But is it enough? 

Identity Access Management solutions which address issues of trust and privacy and allow for safe secure transactions / communications to take place between parties - have got to be in high demand.    Such solutions should be secure, affordable, scalable ( very important ),  convenient and be deployed with minimal vendor input.   SAAS products would appear to offer the most compelling solutions and these should be explored.    There are lots of new and exciting companies out there that provide such services.   Check them out.   One example springs to mind – www.liveensure.com.

Keep safe.  

Comments

  1. Anonymous26 October 2010 at 20:13

    http://www.geek.com/articles/news/firesheep-firefox-add-on-allows-simple-http-session-hijacking-20101025/

    ReplyDelete
  2. Ross Macdonald27 October 2010 at 01:24

    hey thanks for this reference. This is exactly what I am talking about !!

    ReplyDelete

Post a Comment

Popular posts from this blog

The End of Passwords

Finally it seems … the penny has dropped.   Passwords are a poor substitute for real online security.   There is more and more ‘chatter’ about it.    Robin Henry writing in the Sunday Times on New Years Day talks of the end of ‘password hell’ invoking solutions in the pipeline from the Web Gods – Apple and Google.  The talk is of new biometric solutions such as facial and hand movement recognition.  Even IBM is talking this way.  ( http://www.forbes.com/sites/thestreet/2011/12/20/ibms-tech-predictions-for-the-next-5-years/ )  I agree with the notion that passwords are a dying breed but not that biometrics will become vogue.   They are fraught with problems of their own such as reliability, accuracy and the need for referencing of data-bases ( fail !) .    Why are passwords defunct?   Basically they are difficult to remember and they are easy to steal.    The solutions needed are those that require no cognitive load for the user ( the most unreliable participant in this enterprise
Read more

WIKILEAKS - the fuss?

Why all the fuss ? Why the ‘outrage’ at this ‘threat to national security’ ?   Are we really worried that nuclear war is going to break out because of these ‘dirty’ secrets getting out.  As if the North Koreans are going to up the ante any more than their mock charge of last week because of the abuse and scorn heaped upon them by US Diplomats.  ? !    Come on. To me the irony of this bluster is that it is (largely) from the right wing establishment in the US - calling it treason!     Any party that parades a half wit like Palin as a presidential hopeful hardly holds any moral high ground when it comes to protecting the USA.   Her appointment as the ‘leader of the free World’ will be enough to send any level headed American ( let alone any one of their Allies ) into a panicky tailspin at the thought of what she may stumble into ( by accident or design) . So how did these documents get out there?   Poor security.  Plain and simple.   If the US is so worried about this incident su
Read more

HSBC EMBRACES OLD TECHNOLOGY IN ITS BATTLE AGAINST HACKERS

 If you live in the UK and are somehow involved in the business world and exposed to media you could not help but have noticed the extensive advertising campaign that HSBC has been running on its new (sic) ‘security device’ for online banking - Secure Key.    ( I was tempted to refer to them as  ‘ large UK bank’  - but it is so obvious who it is – no point in pretending. ) A lot of money has been thrown at this campaign – I would guess millions.  ( http://www.youtube.com/watch?v=Jx0Z5CiQMIw )   Full page spreads in large circulation newspapers cost big bucks not to mention prime time TV slots.   So here you have the worlds largest retail bank splashing millions on advertising and even more on a ‘cool’ little device that looks like a mini-calculator  - but basically a technology that has been around for about a decade.   This will be rolled out to 4m retail customers worldwide at a reported cost of up to £50 per pop! ( http://www.bankingtech.com/bankingtech/article.do?articleid=200002
Read more