George Osborne outlines threat to Government’s IT systems
Monday 16 May 2011
George Osborne on Monday outlined the extent to which the Government’s IT systems are under attack from hackers, saying that more than 20,000 “malicious emails” are sent to its networks each month.
The Chancellor said that last year saw “hostile intelligence agencies” make hundreds of “serious and pre-planned attempts to break into the Treasury’s computer system”, which he said averaged out at “more than one attempt per day”.
Speaking at the opening of Google’s Zeitgeist event yesterday, the Chancellor outlined government plans to publish a wealth of data online and to make government services “digital by default”. But, alluding to high-profile cases of data loss like that seen recently at Sony, he pointed out that the Government “must get the security question right”.
He also announced the appointment of the former head of Barack Obama’s Open Government Initiative Beth Noveck to help implement the changes, which he called a “world-class appointment”.
In February this year, Foreign Secretary William Hague told a conference in Munich that the Government’s computers were infected by a virus last year, which was transferred via email. He said the infection was cleared up but added that “more sophisticated attacks such as these are becoming more common”. The extent to which that is affecting government systems, which hold sensitive data, was revealed by Mr Osborne.
He added that the Treasury is “one of the most targeted departments across Whitehall”. Mr Osborne outlined one example last year when, he said, a “perfectly legitimate G20-related email” was sent to the Treasury.
“Within minutes it appeared that the email had been re-sent to the same distribution list. In fact, in the second email the legitimate attachment had been swapped for a file containing malicious code,” said Mr Osborne.
He added that the two looked almost identical to the untrained eye but that the Treasury’s security systems identified the attack and stopped it.
According to reports, a similar attack aimed at the French Finance Ministry and the European Council last year got past the security systems of 150 computers ahead of the G20 summit. An anonymous French government official was quoted as saying that it had been “noted that a certain amount of the information was redirected to Chinese sites”.
During a speech, given to internet entrepreneurs, the Chancellor said he was “determined to get the security question right” announced and reiterated the Government’s commitment to launching a £650m National Cyber Security Programme to enhance its online security.
Graham Cluley, an internet security expert at Sophos, pointed out the risk that “one of the targeted government attacks could steal sensitive information from government computers and put it in the hands of unknown parties”. But he noted out that the number of attacks quoted by the Chancellor is not unusual for an organisation of the government’s size.
He referred to GCHQ figures which suggest that only around five per cent of the attacks – around 1,000 per month – are specifically targeted against government departments, rather than as part of more speculative “scattergun” attacks.
Mr Cluley accused the government of traditionally being “slow to follow best practice” in online security. In a blog post, he recommended that the government review its security tools to meet the threat, warning that it should take a “close look at its computers and applications to ensure that they are properly patched against vulnerabilities.
He wrote: “One key question I would pose, for instance, is whether the web browser and PDF viewer being used by the British Government is properly up-to-date and patched. That’s even before we consider Microsoft Office, Java, Adobe Flash, etc etc ad nauseum.
“In early 2010, the British Government was strongly criticised for its unwillingness to upgrade from the chronically insecure Internet Explorer 6, and thousands of people signed a petition calling on government departments to upgrade their browsers.
“It’s unclear whether all UK Government departments are now up-to-date in the browsers and other application they use, but it seems to me that if their computers are being attacked by foreign powers with boobytrapped documents and dangerous links that to do anything less would be negligent in the extreme.
Mr Osborne’s speech came just hours after Sony’s popular PlayStation Network was tentatively returned to service after hackers shut it down last month. Around 100 million accounts were compromised and credit card details and other personal information stolen in what is thought to be the biggest online security breach ever.
- 1 Snoop Dogg and Jared Leto buy a stake in Reddit as A-list invests $50m
- 2 HeForShe campaign: Iceland to follow up Emma Watson speech with UN women's rights conference – for men only
- 3 Car tax disc changes: Two days to go - and they affect you much more than just not displaying a piece of paper
- 4 Ed Sheeran dedicates song to David Cameron
- 5 Now we know whose fault it is if you end up being murdered in Thailand
Snoop Dogg and Jared Leto buy a stake in Reddit as A-list invests $50m
Five-year-old Iris Grace is raising awareness of autism through her extraordinary paintings
Car tax disc changes: Five facts you never knew about your (almost obsolete) tax disc
The Aral Sea: Nasa pictures show how what was once the fourth largest lake in the world has become almost completely dry
Thailand beach murders: Hannah Witheridge 'was raped by two men before being killed'
Isis, we are told, is a 'clear and dangerous threat to our way of life'. I’m sorry, but I just don’t buy it
Exclusive: 'Putin's Russia has been my biggest regret,' says Nato's outgoing Secretary General
The Osborne Ultimatum: Chancellor’s benefits freeze bombshell will affect ten million households
There’s no excuse for Dave Lee Travis’s behaviour, but we need to keep a sense of proportion
Should gay sex be illegal? 16% of Britons think so
Mark Reckless becomes second Tory MP to defect to Ukip in a month
- < Previous
- Next >
£18000 - £23000 per annum + Uncapped OTE: SThree: SThree Group have been well ...
£18000 - £23000 per annum + OTE: SThree: Real Staffing Group is seeking Traine...
£120 - £140 per day: Randstad Education Leeds: We have an exciting opportunity...
Competitive: Randstad Education Manchester: SEN Teacher urgently required for ...