Just how serious is the threat of cyber-attack to the UK? Are our government and industrial secrets being targeted globally by cyber criminals? Most people have been lulled into something of a false sense of security. They are aware of the fact that governments and businesses take great care to protect their valuable assets and information, using intrusion protection and advanced penetration testing to filter out the threats, and that by and large such practices have managed to keep a lid on the problem.
The UK government has launched a scheme designed to promote greater information sharing on cross-sector cyber threats between businesses and government. The Cyber Security Information Sharing Partnership (CISP) will establish a cyber-attack monitoring operations room, known as a Fusion Cell, where cyber security experts from industry will operate alongside the experts from GCHQ, MI5 and the police for the first time in an attempt to combat the growing online threat to Britain’s firms.
You may never have heard of Gil Shwed, yet there’s every likelihood that your home or business is using internet security software that has been designed, or influenced, by the company he founded, Check Point. Shwed is an Israeli programmer and entrepreneur who is rightly regarded as one of the founding fathers of modern Internet security.
The UK’s national cyber security strategy, published in November 2011, set out the government’s intentions to encourage industry-led standards and guidance for organisations to manage the risk to their information. However there is still confusion around which standards are best followed. As a consequence the government has announced that it plans to select and endorse a preferred organisational standard that best meets the requirements for effective cyber risk management.
Cyber criminals have targeted government officials in more than 20 countries in a complex online assault rarely seen since the turn of the millennium. The attack, dubbed ‘MiniDuke’ by researchers, has infected government computers in an attempt to steal geopolitical intelligence, according to security experts.
Facebook and Apple have become the latest companies to reveal they had been the target of a “sophisticated cyber-attack” by hackers last month. Although security was breached both companies confirmed that they had found no evidence any user data had been compromised.
In a blog post on its website Facebook explained what it knew of the cyber-attack:
A botnet that was believed to have illegally infected somewhere between 300,000 and 8 million machines and was raking in an estimated $1 million a year has been shut down by security experts. The Bamital botnet was shut down when teams working with Microsoft and Symantec anti-virus specialists raided several data centres in the US. Microsoft and Symantec claim that the computers infected by the Bamital botnet were being used illegally for identity theft. Thousands of affected users have been offered free tools to help to clean up infected machines.
Last weekend the Foreign Secretary, William Hague, signed up to a new World Economic Forum set of principles on cyber-resilience on behalf of the UK government. The UK has joined 70 companies and government bodies across 25 countries and 15 sectors in demonstrating their commitment and determination to taking a responsible and collective approach to ensure secure, resilient digital global networks that are safe, yet open to all.
Here’s a question for you. Which continent is better prepared to cope with cyber-security issues, the United States, Europe or Africa? Well, Microsoft believes that Western Europe is best equipped to deal with the problems, closely followed by the United States. Unfortunately the developing world lags far behind, and that could have security implications for all of us.
It’s been a torrid old time for Oracle over the last few months. Targeted by hackers, Oracle has rarely been out of the news. There were hopes that the recently-released Java 7 Update 11 would solve the problems once and for all, unfortunately the patch, which was meant to mitigate two zero-day vulnerabilities in Java that were being actively exploited by attackers, has not delivered according to cyber-security experts. They maintain that all that has happened is that the threat has been relocated, and therefore that Java is still vulnerable.
The hunt for a major cyber-attack that could have been stealing confidential documents since 2007 is finally over after the Red October malware was discovered by researchers at Russia’s Kaspersky Labs. The malware had been targeting government institutions, embassies, oil and gas institutions and nuclear research centres. Red October, named after the Russian submarine featured in the Tom Clancy novel The Hunt For Red October, was designed to steal encrypted files, and was so sophisticated that it was even able to recover files that had been deleted. Experts are hailing the discovery as ‘very significant’.
If you ever wanted proof that website security is a major issue, or that hacking and cyber-attacks are a serious global problem, then you need look no further than the statement issued by Microsoft recently. Microsoft, the world’s largest software producer, has admitted that hackers have uploaded viruses and malware which can help them steal people’s personal data on to millions of new PCs and laptops. After an investigation the company revealed that it had found malware in counterfeit copies of Microsoft Windows which would allow hackers to remotely switch on and control devices like microphones and cameras on machines that were still factory-sealed.
We often read headlines in newspapers declaring that UK businesses are suffering as many as 1,000 cyber-attacks an hour, but which businesses are most at risk from hackers? The majority of us would probably suspect that it is the largest organisations; after all they are more likely to have the most-valuable information that will prove to be attractive to hackers.
The majority of organisations will generally now have a number of information security controls in place. However, without a formal Information Security Management System (ISMS), these controls tend to be somewhat disorganized, haphazard and disjointed.
The reason for this is that the controls have often been implemented partly as specific solutions for specific situations, or simply introduced as a matter of convention. Unfortunately, the security controls in operation today typically only address certain aspects of IT or data security, leaving non-IT information assets like paperwork and proprietary knowledge less protected and vulnerable. Sometimes business continuity planning and physical security might be managed independently of IT or information security, whilst Human Resources practices may not recognise the need to define and assign information security roles and responsibilities throughout the organization. The ISO 27001 standard was introduced to address these issues.
The security of both the critical national infrastructure and business interests is increasingly being threatened by cyber criminals. Terrorists, fraudsters, rogue states and individual activists are among the criminals who have been targeting computer systems in the UK over the last two years.