Major General Jonathan Shaw, the head of the Ministry of Defence’s Cyber Security Programme, stated that cyber-attacks are the biggest threat to national security. The main reason for this is that foreign competitors are stealing valuable information from British companies and using it to develop and produce products at a more competitive price. A firm in Warrington, Cheshire, recently experienced this first hand. They had designed a new state of the art blade for wind turbines but soon went out of business after hackers stole the blueprints and produced it for a much cheaper price.

Major General Shaw stated “The biggest threat to this country by cyber is not military, it is economic.”

Major General Shaw later emphasised his point by stating that Britain’s position as one of the world’s leading hi-tech manufacturers is under threat unless if companies improve their security measures and prevent valuable information being stolen and used by foreign competitors.

“The cyber threat could affect anyone, and we all need to take measures to protect ourselves against the threat it poses. If the moment you come up with a brilliant new idea, it gets nicked by the Chinese then you can end up with your company going bust,” claimed Major General Shaw.

He believes that it is the Chinese who are the biggest threat to Britain’s hi-tech manufacturers as it is them who regularly target British companies and attempt to steal highly sensitive and important data.

Major General Shaw believes that in order for Britain to protect itself against cyber-attacks, an effective national response where everybody has to be involved. He argued that “About 80 per cent of our cyber problems are caused by what I call poor cyber hygiene.  Many of them would go away if our cyber hygiene was better. We have embraced the opportunities provided by new technology, such as computers and mobile phones, without giving proper consideration to the downsides.”

In an attempt to develop deterrents which can deal with hostile viruses, the Government has invested an extra £650 million. This extra amount of money has been given to the GCHQ eavesdropping complex in Cheltenham which is the nerve centre of Britain’s cyber defences and the Ministry of Defence.

Major General Shaw wants the government to introduce training schools which will educate businesses how to best protect themselves from cyber-attacks and reduce the chances of important and potential life changing data being stolen.

“Anyone can take part in these courses and learn how to implement effective precautions against cyber-attacks,” stated Major General Shaw.

UK firms under threat from foreign hackers. is a post from Backup Technology's Blog. Contact us today for further information on our Online Backup and Business Continuity services.

A cookie is a piece of text stored on a users computer by their web browser. It is generated by the websites that the user visits and usually stores information that can be users to save user preferences, shopping carts and authentication.

Information Commissioner, Christopher Graham, said:

“While the roll out of this new law will be a challenge, it will have positive benefits as it will give people more choice and control over what, information businesses and other organisations can store on and access from consumers’ own computers.

“The Directive will come into force in less than two months time and businesses and organizations running websites in the UK must wake up to the fact that this is happening. We are proactively working with the government, businesses and the public sector to find a workable solution. We recognize that the internet as we know it today depends on the widespread use of cookies and there are of course legitimate business reasons for using them. So we are clear that these changes must not have a detrimental impact on consumers nor cause an unnecessary burden on UK businesses. One option being considered is to allow consent to the use of cookies to be given via browser settings.

“Once the new regulations are published there will be a major job of education and guidance to be undertaken. In the meantime, both the business community and public sector organizations need to start thinking clearly about how they will meet the requirements of the new Directive.”

The law change is being lead by the Department for Culture, Media and Sport. With Ed Vaizey commenting. “Businesses need to be working to address the way they use cookies. We recognize that work will not be complete by the implementation deadline. The government is clear that it will take time for meaningful solutions to be developed, evaluated and rolled out.”

Justice Minister Lord McNally said:
“A strong and independent Information Commissioner is vital to ensuring our personal data is kept safe, as well as keeping public bodies open to scrutiny. The government recently announced measures to enhance the ICO’s independence even further, by giving it more freedom to make corporate and operation decisions..

“As technology advances it brings new opportunities, but also new ways our data can be misused, which is why we have been gathering evidence on how the current data protection laws are working and considering ideas on how the current data protection regime can be improved.”

ICO warns UK businesses: New EU cookies law must be followed is a post from Backup Technology's Blog. Contact us today for further information on our Online Backup and Business Continuity services.

One of the biggest changes that will be made in the first slew of reforms will reduce the amount of time that data can be withheld from the National Archives, cutting the current 30 year period of retraction to just 20 years. This means it will be easier for anyone to get their hands on court documents and papers which circulate in central government.

Once the legislation passes, it will be possible for FOI requests to be made against a wider range of individuals and organisations, including any business owned by the public sector and the Association of Chief Police Officers.

The practical applications of the FOI act will be considered and the government will also be looking into whether the changes will be effective, with a view to making further amendments if they do not go far enough towards ensuring transparency.

The ICO’s Christopher Graham, said that transparency was already being achieved in many areas, citing the publication of wages collected by high earning members of the Civil Service as just one way in which data was becoming less rigidly protected.

Mr Graham pointed out that the FOI act is six years old and so a revision and expansion of its powers seems sensible.

It is said that the public is hungry for gaining more access to the data which relates to their lives and how the country is being run, with Mr Graham speaking out in favour of this inclusive transparency that the FOI makes a legal requirement.

Mr Graham also said that he hoped the ICO would be seen as a more independent body, able to enact its duties within the public and private sector, without bias, while upholding the basic rights of data protection expected by UK citizens.

ICO praises calls for expanding Freedom of Information powers is a post from Backup Technology's Blog. Contact us today for further information on our Online Backup and Business Continuity services.

Private data contained within court documents was improperly disposed of at a recycling centre in Glasgow, according to reports, which has led to the ICO confronting the organisation with a formal undertaking.

The initial data loss was discovered in September last year when a local newspaper was alerted to the fact that highly sensitive details had been dumped in a public recycling bank and the ICO was subsequently involved in looking into how this could have occurred.

Scrutinising those responsible for the data allowed the ICO to determine that it had in fact been lost by an individual who had edited law reports for the service. The breach had been made possible because no member of the organisation had ensured that this person was properly informed on how to safely use this type of data.

The ICO’s Ken Macdonald,said that there was a possibility such a loss would damage the trust which people involved in the Scottish legal system would feel for the framework of justice that should, theoretically, protect their most basic rights.

Mr Macdonald said that the data should not have been taken outside of the courtroom and warned that if it had been picked up by a malicious third party, it could easily have resulted in the exploitation of those implicated in its contents.

From now on workers at the Scottish Court Service will undergo training in order to ensure that they all understand the data protection policies enacted by the organisation. This includes not only the way in which data is handled and used, but also how incidents of loss or theft are reported.

As part of the ICO’s measures the formal undertaking will require that every employee who shares data as part of their work is signed up to this so-called Memorandum of Understanding sanctioned by the powers that be.

DPA breach by Scottish Court Service investigated by ICO is a post from Backup Technology's Blog. Contact us today for further information on our Online Backup and Business Continuity services.

In the past cybercriminals have worked purely for financial gain, but since the Wikileaks scandal and the rise of the Anonymous hacktivist group, many public and private sector firms could face disruption which is not founded on traditional goals.

The publication of McAfee’s 2011 Threat Predictions paper brings home warnings about the potential risks facing businesses and organisations who strive for data protection, because attacks will not only come from organised crime groups, but also private citizens who want to leverage the internet to further their political cause.

The proliferation of social networking tools like Twitter is allowing disparate individuals to communicate and organise wider attacks, with big names like Amazon and PayPal both suffering as a result in the final weeks of 2010.

McAfee’s Greg Day spoke to V3.co.uk and explained that 2011 would inevitably see various private companies coming under public scrutiny as a result of their involvement with something like the Wikileaks scandal.

Mr Day is also keen to emphasise that cybercriminals will be very much active in 2011, with new tools of business being leveraged to their advantage. Location-based services which use GPS data generated from mobile devices are thought to be a particular risk, while the exploitation of URL shortening technology will continue to allow the spread of malware via Facebook and Twitter.

Mr Day said that both the criminals and hacktivists would use platforms which have risen in popularity over the past 12 months in order to stay ahead of the game in 2011 and as such security experts have to move with the times and act now in order to ensure protection.

Data loss and security weaknesses relating to social networking are seen as being related hot topics for 2011 and experts urge early preventative action rather than reparative reaction.

Political hacking to define 2011, McAfee predicts is a post from Backup Technology's Blog. Contact us today for further information on our Online Backup and Business Continuity services.

In essence, the proposal made by Rob Wainwright, director of Europol, is the first step towards the creation of a central body to which anyone will be able to report cybercrimes, scams, hacks and security issues.

Members of the public would be granted a direct line to law enforcement authorities via which they will be able to blow the whistle on any malicious activities which they encounter.

By sourcing information from a vast pool of end users, the EU will be able to get a broader look at the way data protection and IT security are being handled and exploited across the continent, according to Mr Wainwright.

The responses to Mr Wainwright’s plans have been mixed. One expert pointed out that while getting the public involved in crime fighting could hardly be called a new idea, it is definitely a positive step towards a better understanding of cybercriminal activities.

Others have raised concerns over whether or not the tools offered to the public will be used effectively. It is thought that a great deal of training and education will be required before average web users will be able to make reports to such a central system that have any value in the fight against terrorists and criminals who operate in cyberspace.

Security expert Alan Bentley said that thanks to the prevalence of botnets and the scandal surrounding Wikileaks, there is a greater public awareness of the risks posed to data and IT security, along with a finer understanding of how criminals can exploit flaws.

Mr Bentley believes that people need to appreciate the types of techniques which are used by hackers and cybercriminals in order to be better equipped to detect and report their activities to any EU organisation in the future.

Data security to be tackled via crowd sourcing, EU claims is a post from Backup Technology's Blog. Contact us today for further information on our Online Backup and Business Continuity services.

Seventy per cent of respondents to a survey carried out by security firm Check Point, said that the smartphones issued by their employers had no kind of encryption in place, while 87 per cent said that this extends across other portable storage solutions such as USB memory sticks.

The analysts claim that the study shows just how difficult it can be for IT departments to keep on top of device security, consequently making it much more difficult to counteract data loss, portable storage theft and unwarranted third party network access.

Two hundred and twenty people took part in the study and vulnerabilities were exposed in almost all of the businesses which they represent. The results are said to show that as workers move into operating more regularly in a mobile environment, the threats posed to data increase.

Many are attempting to step up efforts to stem the growth of potential data loss flaws by implementing the usage of secure VPNs on laptops, which was suggested by 52 per cent of respondents. Meanwhile, only 23 per cent said that they would be encrypting portable hard drives and a fifth said USB memory sticks would be getting encryption over the next 12 months.

Check Point’s Nick Lowe, said that because many businesses are going to increase the number of devices capable of storing data, the problems facing the security teams are becoming greater.

There is a general debate over who should be held responsible for the protection of data stored on a portable, mobile device, according to Mr Lowe.

Industry analyst Bob Tarzey, believes that with greater restrictions on personal device usage, many businesses will actually increase the number of employees who break regulations and so urges firms to employ sensible, inclusive practices, so that security can be assured without alienating the average employee.

Business smartphones suffer from data encryption deficit is a post from Backup Technology's Blog. Contact us today for further information on our Online Backup and Business Continuity services.

Over 10,000 users of MasterCard were allegedly affected by the data theft, although the veracity of the published details was quickly denied by a spokesperson for the payment card firm, who claimed that the group of hackers, known by the name Anonymous, had faked the leak in order to stir up trouble and gain publicity for their cause.

While the card details may have been false, the implications are serious and the group has been undeniably successful in its aims of causing widespread problems for corporate entities, through the use of distributed denial-of-service (DDoS) attacks.

MasterCard’s rival payment card firm Visa has also come into the firing line and now the group has set its sights on net transaction site PayPal, because it stopped accepting donations towards whistle-blowing website Wikileaks.

The leaked payment card details included card numbers and expiry dates but among the 10,000 listings there were no cardholder names or personal details.

What gave the leaked data away as fake was the fact that none of the alleged card numbers provided by the hackers began with the number five, which MasterCard spokesperson Chris Montero said was a common feature of all its payment cards.

Security expert, Claire Sellick, said that because attacks against sites linked with the Wikileaks scandal would continue it would be necessary for these major corporate entities to shore up their defences and limit the impact of DDoS.

It is recommended that these firms separate the provision of their internet service amongst multiple firms and harness different telephone exchanges rather than a single local option as this will make it virtually impossible for a focused DDoS attack of the kind that has been experienced in recent weeks.

Many are calling for businesses to limit the spread of private data so that it can be kept secure from prying eyes. It is also held that these first attacks by a collaborative, non-governmental hacking force show that cyber warfare can be a tool for any cause.

Hackers supporting Wikileaks distribute phoney MasterCard details is a post from Backup Technology's Blog. Contact us today for further information on our Online Backup and Business Continuity services.

As part of the Global Information Security Survey, it was discovered that, on average, just a tenth of businesses are prepared to invest in studying the way in which up and coming advancements in technology are altering the security landscape.

Cloud computing and social networking are considered as the two largest areas of growth which could potentially cause problems for firms who have not considered the potential risk to security which they pose.

While the businesses may have shown a lack of willing when it comes to analysing new technology, close to two thirds of respondents said that they appreciated the potential hazards posed by outsourcing data storage to third party firms and integrating new platforms without thorough investigation.

Ernst & Young’s Seamus Reilly, said that cloud computing and social networking have made collaboration and communication between employees and clients much easier. He went on to point out that while many businesses recognise the risks involved in adopting new technology, only a small proportion are actually willing to invest in tools which can mitigate threats.

Where the UK businesses trumped the international averages was in data protection investment levels, which are set to rise in 67 per cent of UK firms next year, compared to just 46 per cent on a global basis.

Eighty-five per cent of UK firms have taken action to encrypt portable storage and laptop computers, a much healthier figure than the 47 per cent of firms who have done so across the whole of the survey.

Business continuity planning was also part of the survey and again the UK came out on top, with 93 per cent of firms saying that they have a detailed scheme for dealing with disasters, much higher than the 60 per cent global average. Eighty-five per cent of UK firms have tested their business continuity plans, while just 55 per cent have done so on average.

UK fares well in data protection study is a post from Backup Technology's Blog. Contact us today for further information on our Online Backup and Business Continuity services.

Every department is going to have to liaise with Peter Ricketts, the national security advisor, in order to show that they are acting in a manner which is in keeping with the current data protection regulations, according to statements made by the Home Secretary, Theresa May.

May spoke in the Commons about the impact that WikiLeaks’ revelations had caused and explained that each department had been contacted in a letter, which instructs them to review the way in which they handle private data, the idea being that the government will then have a clearer picture of the state of information security in the UK.

The finer detail of how this review will take place was not divulged by May, but she reiterated the earlier pledge made by the government, to invest £650 million into fortifying the data protection capabilities of the UK over a four year period.

Security expert Alan Bentley, said that while the US was facing the biggest diplomatic issues following on from the WikiLeaks publications, the fact that several high profile sites in the UK were identified within the leaked documents, is likely to be the main cause for the implementation of this review by the government.

Mr Bentley said that it was typical to see data security being re-examined only after a serious threat has been identified, although he welcomes the fact that the review is taking place, no matter what the motivations behind the movement.

Mr Bentley believes that any evaluation of governmental security capabilities will only be useful if it is provided with the right type of advice and instruction.

Some experts believe that the actions of WikiLeaks shows how unsecure certain systems are and highlights a need for a wider alteration in the way that top secret data is handled around the world.

UK government to reappraise data security after WikiLeaks controversy is a post from Backup Technology's Blog. Contact us today for further information on our Online Backup and Business Continuity services.