Tag Archives: cyber-security

Just how serious is the threat of cyber-attack to the UK? Are our government and industrial secrets being targeted globally by cyber criminals? Most people have been lulled into something of a false sense of security. They are aware of the fact that governments and businesses take great care to protect their valuable assets and information, using intrusion protection and advanced penetration testing to filter out the threats, and that by and large such practices have managed to keep a lid on the problem. Continue reading Cyber-security: Britain faces around 70 sophisticated cyber-attack operations per month against its government and industry networks

Facebooktwitterredditpinterestlinkedinmail

The UK government has launched a scheme designed to promote greater information sharing on cross-sector cyber threats between businesses and government. The Cyber Security Information Sharing Partnership (CISP) will establish a cyber-attack monitoring operations room, known as a Fusion Cell, where cyber security experts from industry will operate alongside the experts from GCHQ, MI5 and the police for the first time in an attempt to combat the growing online threat to Britain’s firms. Continue reading UK launches Fusion Cell to combat cyber-attacks

Facebooktwitterredditpinterestlinkedinmail

The UK’s national cyber security strategy, published in November 2011, set out the government’s intentions to encourage industry-led standards and guidance for organisations to manage the risk to their information. However there is still confusion around which standards are best followed. As a consequence the government has announced that it plans to select and endorse a preferred organisational standard that best meets the requirements for effective cyber risk management.

Continue reading Government to launch a consultation on effective cyber risk management

Facebooktwitterredditpinterestlinkedinmail

Facebook and Apple have become the latest companies to reveal they had been the target of a “sophisticated cyber-attack” by hackers last month. Although security was breached both companies confirmed that they had found no evidence any user data had been compromised.

In a blog post on its website Facebook explained what it knew of the cyber-attack:

Continue reading Facebook and Apple are the latest companies to fall victim to cyber-attack

Facebooktwitterredditpinterestlinkedinmail

A botnet that was believed to have illegally infected somewhere between 300,000 and 8 million machines and was raking in an estimated $1 million a year has been shut down by security experts. The Bamital botnet was shut down when teams working with Microsoft and Symantec anti-virus specialists raided several data centres in the US. Microsoft and Symantec claim that the computers infected by the Bamital botnet were being used illegally for identity theft. Thousands of affected users have been offered free tools to help to clean up infected machines.

Continue reading Bamital botnet shut down by Microsoft and Symantec anti-virus specialists

Facebooktwitterredditpinterestlinkedinmail


Last weekend the Foreign Secretary, William Hague, signed up to a new World Economic Forum set of principles on cyber-resilience on behalf of the UK government. The UK has joined 70 companies and government bodies across 25 countries and 15 sectors in demonstrating their commitment and determination to taking a responsible and collective approach to ensure secure, resilient digital global networks that are safe, yet open to all.

Continue reading The UK signs up to a new multi-national cyber-resilience partnership

Facebooktwitterredditpinterestlinkedinmail

It’s been a torrid old time for Oracle over the last few months. Targeted by hackers, Oracle has rarely been out of the news. There were hopes that the recently-released Java 7 Update 11 would solve the problems once and for all, unfortunately the patch, which was meant to mitigate two zero-day vulnerabilities in Java that were being actively exploited by attackers, has not delivered according to cyber-security experts. They maintain that all that has happened is that the threat has been relocated, and therefore that Java is still vulnerable.

Continue reading Has Oracle’s Java 7 update patch finally removed the security vulnerabilities that have been exploited by hackers?

Facebooktwitterredditpinterestlinkedinmail

The hunt for a major cyber-attack that could have been stealing confidential documents since 2007 is finally over after the Red October malware was discovered by researchers at Russia’s Kaspersky Labs. The malware had been targeting government institutions, embassies, oil and gas institutions and nuclear research centres. Red October, named after the Russian submarine featured in the Tom Clancy novel The Hunt For Red October, was designed to steal encrypted files, and was so sophisticated that it was even able to recover files that had been deleted. Experts are hailing the discovery as ‘very significant’.

Continue reading The hunt for ‘Red October’ is finally over according to malware researchers at Kaspersky Labs

Facebooktwitterredditpinterestlinkedinmail

If you ever wanted proof that website security is a major issue, or that hacking and cyber-attacks are a serious global problem, then you need look no further than the statement issued by Microsoft recently. Microsoft, the world’s largest software producer, has admitted that hackers have uploaded viruses and malware which can help them steal people’s personal data on to millions of new PCs and laptops. After an investigation the company revealed that it had found malware in counterfeit copies of Microsoft Windows which would allow hackers to remotely switch on and control devices like microphones and cameras on machines that were still factory-sealed.

Continue reading Microsoft admits that millions of new computers could be infected with malware

Facebooktwitterredditpinterestlinkedinmail

The majority of organisations will generally now have a number of information security controls in place. However, without a formal Information Security Management System (ISMS), these controls tend to be somewhat disorganized, haphazard and disjointed.

The reason for this is that the controls have often been implemented partly as specific solutions for specific situations, or simply introduced as a matter of convention. Unfortunately, the security controls in operation today typically only address certain aspects of IT or data security, leaving non-IT information assets like paperwork and proprietary knowledge less protected and vulnerable. Sometimes business continuity planning and physical security might be managed independently of IT or information security, whilst Human Resources practices may not recognise the need to define and assign information security roles and responsibilities throughout the organization. The ISO 27001 standard was introduced to address these issues.

Continue reading Why is it important that Information Security Management Systems conform to ISO 27001?

Facebooktwitterredditpinterestlinkedinmail

The security of both the critical national infrastructure and business interests is increasingly being threatened by cyber criminals. Terrorists, fraudsters, rogue states and individual activists are among the criminals who have been targeting computer systems in the UK over the last two years.

Continue reading Deception protection: innovative technology that detects, tracks, profiles and prevents hackers in real-time

Facebooktwitterredditpinterestlinkedinmail