Cyber Security Breach – Guest Blog
News and information from the Advent IM team.
Guest post from Jason Barron, Advent IM Security Consultant
Cyber security breaches hit unprecedented highs in UK defence industry – Just my opinion!
What do you consider an unprecedented high?
On Wed 8 Jan 20, Sky News released an article relating to a statistics document alleged to have been produced by the Defence Industry Warning, Advice & Reporting Point (WARP). While the headline refers to “Cyber Security breaches”, the actual stats recorded would indicate that 64 ‘security’ breaches were reported over a twelve-month period (Oct 17 – Oct 18). Personally, I don’t think 64 is an unprecedented level, taking into consideration the size of the Defence Industry WARP’s area of responsibility (circa 100+ (estimated) UK defence industry partners).
Doing a thorough job….
The article also states that half a dozen of the partially redacted incidents relate to cabinets, doors or computer server racks being left unlocked. This is nothing to get overly excited about; it happens, we’re only human after all!
How was this discovered, you ask? An individual employed on security duties was switched on enough to conduct their physical security checks and find these subject doors, cabinets and server racks insecure, subsequently reporting the incident for follow-up action to be initiated. It does not, however, indicate that any state secrets were compromised as a result. The fact that these physical insecurities were highlighted at all, in my view, demonstrates a positive security reporting culture.
Protecting the nation?
Links within the news article state “many more of this year’s incident reports are completely redacted, suggesting they posed a more serious threat”. “They are likely to refer to critical incidents, which the MoD believe would damage national security if it even acknowledged their existence.”
How about, they were redacted as they may identify a vulnerability to a process, or maybe a weakness in the physical security surrounding an establishment etc. Let’s not jump to worst-case scenarios here, as often there is a perfectly reasonable explanation as to how a security incident occurred in the first place.
These things happen, move on!
Security incidents or breaches (however you want to badge them) will and do happen. It may be down to a previously unnoticed vulnerability in processes, systems/networks or policies; it may be due to carelessness or sometimes a “genuine” mistake. It’s how we learn from these issues, get them fixed, conduct our counter compromise activities and then evolve that sets the UK Defence industry apart from any other.