George Osborne outlines threat to Government’s IT systems
Monday 16 May 2011
George Osborne on Monday outlined the extent to which the Government’s IT systems are under attack from hackers, saying that more than 20,000 “malicious emails” are sent to its networks each month.
The Chancellor said that last year saw “hostile intelligence agencies” make hundreds of “serious and pre-planned attempts to break into the Treasury’s computer system”, which he said averaged out at “more than one attempt per day”.
Speaking at the opening of Google’s Zeitgeist event yesterday, the Chancellor outlined government plans to publish a wealth of data online and to make government services “digital by default”. But, alluding to high-profile cases of data loss like that seen recently at Sony, he pointed out that the Government “must get the security question right”.
He also announced the appointment of the former head of Barack Obama’s Open Government Initiative Beth Noveck to help implement the changes, which he called a “world-class appointment”.
In February this year, Foreign Secretary William Hague told a conference in Munich that the Government’s computers were infected by a virus last year, which was transferred via email. He said the infection was cleared up but added that “more sophisticated attacks such as these are becoming more common”. The extent to which that is affecting government systems, which hold sensitive data, was revealed by Mr Osborne.
He added that the Treasury is “one of the most targeted departments across Whitehall”. Mr Osborne outlined one example last year when, he said, a “perfectly legitimate G20-related email” was sent to the Treasury.
“Within minutes it appeared that the email had been re-sent to the same distribution list. In fact, in the second email the legitimate attachment had been swapped for a file containing malicious code,” said Mr Osborne.
He added that the two looked almost identical to the untrained eye but that the Treasury’s security systems identified the attack and stopped it.
According to reports, a similar attack aimed at the French Finance Ministry and the European Council last year got past the security systems of 150 computers ahead of the G20 summit. An anonymous French government official was quoted as saying that it had been “noted that a certain amount of the information was redirected to Chinese sites”.
During a speech, given to internet entrepreneurs, the Chancellor said he was “determined to get the security question right” announced and reiterated the Government’s commitment to launching a £650m National Cyber Security Programme to enhance its online security.
Graham Cluley, an internet security expert at Sophos, pointed out the risk that “one of the targeted government attacks could steal sensitive information from government computers and put it in the hands of unknown parties”. But he noted out that the number of attacks quoted by the Chancellor is not unusual for an organisation of the government’s size.
He referred to GCHQ figures which suggest that only around five per cent of the attacks – around 1,000 per month – are specifically targeted against government departments, rather than as part of more speculative “scattergun” attacks.
Mr Cluley accused the government of traditionally being “slow to follow best practice” in online security. In a blog post, he recommended that the government review its security tools to meet the threat, warning that it should take a “close look at its computers and applications to ensure that they are properly patched against vulnerabilities.
He wrote: “One key question I would pose, for instance, is whether the web browser and PDF viewer being used by the British Government is properly up-to-date and patched. That’s even before we consider Microsoft Office, Java, Adobe Flash, etc etc ad nauseum.
“In early 2010, the British Government was strongly criticised for its unwillingness to upgrade from the chronically insecure Internet Explorer 6, and thousands of people signed a petition calling on government departments to upgrade their browsers.
“It’s unclear whether all UK Government departments are now up-to-date in the browsers and other application they use, but it seems to me that if their computers are being attacked by foreign powers with boobytrapped documents and dangerous links that to do anything less would be negligent in the extreme.
Mr Osborne’s speech came just hours after Sony’s popular PlayStation Network was tentatively returned to service after hackers shut it down last month. Around 100 million accounts were compromised and credit card details and other personal information stolen in what is thought to be the biggest online security breach ever.
- 1 Tourist films plane's descent just metres above packed Caribbean beach
- 2 Kate Moss: Previously unpublished nude photo revealed by Mert and Marcus
- 4 World Book Day: Boy 'excluded' from school after dressing up as Fifty Shades' Christian Grey
- 5 Bad Jews poster 'censored' on London Tube
Tourist films plane's descent just metres above packed Caribbean beach
Indian woman creates 'Marriage CV' after parents put her on dating site: 'Definitely not marriage material. Won’t grow long hair, ever'
Becky Watts: Four appear in court charged with hiding body parts after teenager's death
Isis 'bulldozes' Nimrud: UNESCO condemns destruction of ancient Assyrian site as a 'war crime'
Professor Brian Cox brands astrology-believing Tory MP David Tredinnick an 'outlier on the spectrum of reason'
Nearly 100,000 of Britain's poorest children go hungry after parents' benefits are cut
Durham Free School: 'Creationism taught at' free school facing closure
End of the licence fee: BBC to back radical overhaul of how it is funded
Elif Shafak: Turkish author warns against rise of British nationalism
Ex-head of MI6: 'We shouldn't kid ourselves that Russia is on a path to democracy'
Most people think legal tax avoidance is just as wrong as illegal tax evasion, poll suggests
£65000 per annum: Ashdown Group: Technical Presales Engineer - central London ...
£20000 - £50000 per annum: Recruitment Genius: A Physiotherapist / Sports Ther...
£8 - £9 per hour: Recruitment Genius: Sales Executives / Advisors are required...
£14000 - £15000 per annum: Recruitment Genius: An opportunity has arisen for a...