Darling has a track record on Computer hacking
Hansard Column 539 10th Jan 1988
Computer Hacking
Mr. Darling : To ask the Secretary of State for Defence if, pursuant to his answer of 13 December 1988, there have been any attempts to interfere with unclassified systems by any computer hacker.
Mr. Archie Hamilton : Two such attempts have been detected. Both were defeated by security precautions.
It seems a pity that his wide and deep interest was not maintained and that the security of HMRC systems was not subject to a similiar forensic scrutiny by him.
Apparently Plod is scouring several rubbish dumps (including Deptford Re-cycling Centre , Landmann Way, Deptford London SE14 run by HTL Waste Management Services) for the slipped discs....all that overtime Sarge' ..."luvverly jubbly".
Strange. We were told last week that the discs ..." have probably not left government property, HM Revenue and Customs (HMRC) believe".
Just how does a courier firm take such a parcel without providing a receipt ?
It has been revealed that Steve Lamey who was Chief Information Officer and identified by Lord Patel as the man in the hot seat ,was paid £240,000 per annum.
5 comments:
Why has there not been an offer of a big financial reward and promises of anonymity / immunity from prosecution , for the safe return of the CDs ?
Good point.
Of course if you know where they are it mat be inconvenient to find them ?
"Just how does a courier firm take such a parcel without providing a receipt ?"
I gather, from the press, that the missing items were in a in a reusable envelope for despatch as internal mail.
My experience from running a post room in a large organisation (so many jobs, so little money) is this.
Internal mail is collected, sorted and that to be despatched to another branch is thrown into a box or lightweight chest (also reusable). The box is robustly closed, labelled and sent by courier on the cheapest tariff. There is no urgency on internal mail, if there's a deadline you use other means.
The courier will put a trackable label on the box, the courier Co. needs to know what it's carrying and where it is but no one will know the contents of the box, not the people who filled it or the people carrying it. It's a bulk method of despatch.
There's a lot of flexibility in determining when your envelope may have been sent. F'rinstance, if you use the courier every Friday and your envelope went into the internal mail on Monday, you know which box it should've been sent in. If you have a daily courier, then you'll know to within a couple of days etc. And mail can be lost before it gets into the box and after it's taken out, it can also be misdirected.
The essential problem with the CD's is not that they were lost, it's that they were not encrypted. This should be a matter of form for transmitting sensitive data, whether by mail or electronic means.
Failure to have this procedure is a responsibility of senior management and this at least has been recognised Paul Gray.
It's difficult to see how anyone with criminal intent could use this data without creating a trail that would lead back to them
OTOH the potential for blackmail and the threat of the data being circulated anonymously around the web is much more intriguing. Not so much a case of what criminals would pay for the data but rather how much the government would pay to get it back...
There are some folks who read this blog who have the latent, beginnings of the start of the origins of a distinctly criminal mindset.
Hey..but it's a good idea...what do you think they will pay ? ... is the NR 35Bn THE payoff ?
Post a Comment