|
|
Post by Red Rackham on Aug 26, 2023 23:30:29 GMT
EVERY Met Police officer's details at risk: Force announces major security breach after cyber criminals hack into warrant card supplier in move branded 'outrageous' by former top copEvery Met Police officer's details are at risk following a major security breach which saw cyber criminals hack into the force's warrant card supplier - in a move that has been branded by 'utterly outrageous' by a former top cop. All 47,000 personnel in the force were warned last night of the risk that their photos, names and ranks could have been stolen when criminals hacked the IT systems of a contractor that prints staff passes. ID numbers and vetting levels could also have been exposed in the breach employees were told - linkIf this wasn't so serious, it would be hilarious. We are constantly told that our online information is safe, it's secure, that it's impossible for your personal information to be stolen, relax there's nothing to worry about. If the Met can get hacked then it doesn't matter who tells you your information is safe, they're talking bollox. The only way to ensure your information is safe is not to put it online.
|
|
|
|
Post by Steve on Aug 26, 2023 23:42:03 GMT
. . . .If this wasn't so serious, it would be hilarious . . . Exactly. Yet another case (after the NI one) where extremely sensitive information hasn't been air gap separated from outside accessible systems. This is basic IT security for sensitive data but I bet what's happened is no one has placed the requirement on the subcontractor to treat it as sensitive information and if they did no one has audited them. Senior people at the Met need sacking and held personally responsible for the needed compensation to the affected officers. At at least £10k per that will of course bankrupt them but it will encourage others to wake up and get it right. |
|
|
|
Post by Red Rackham on Aug 27, 2023 0:25:45 GMT
. . . .If this wasn't so serious, it would be hilarious . . . Exactly. Yet another case (after the NI one) where extremely sensitive information hasn't been air gap separated from outside accessible systems. This is basic IT security for sensitive data but I bet what's happened is no one has placed the requirement on the subcontractor to treat it as sensitive information and if they did no one has audited them. Senior people at the Met need sacking and held personally responsible for the needed compensation to the affected officers. At at least £10k per that will of course bankrupt them but it will encourage others to wake up and get it right. Northern Ireland was different, that was an accident, human error. It doesn't excuse it, in fact it exposes the insecurities of online information. However, it doesn't matter how secure we are told our information is, criminals are always one step ahead. |
|
|
|
Post by Steve on Aug 27, 2023 1:22:02 GMT
Exactly. Yet another case (after the NI one) where extremely sensitive information hasn't been air gap separated from outside accessible systems. This is basic IT security for sensitive data but I bet what's happened is no one has placed the requirement on the subcontractor to treat it as sensitive information and if they did no one has audited them. Senior people at the Met need sacking and held personally responsible for the needed compensation to the affected officers. At at least £10k per that will of course bankrupt them but it will encourage others to wake up and get it right. Northern Ireland was different, that was an accident, human error. It doesn't excuse it, in fact it exposes the insecurities of online information. However, it doesn't matter how secure we are told our information is, criminals are always one step ahead. The final act was human error, the woefully incompetent design of the IT system and procedures was criminal negligence If you ever get to see a properly set up secure facility you'd see that there is no way a sensitive file gets to be on any IT equipment connected to the outside world. Try and access it from email you'll see nothing, try to copy the file across to the machine that does the email and (a) it won't and (b) an alarm will go off. |
|
|
|
Post by Red Rackham on Aug 27, 2023 1:32:50 GMT
Northern Ireland was different, that was an accident, human error. It doesn't excuse it, in fact it exposes the insecurities of online information. However, it doesn't matter how secure we are told our information is, criminals are always one step ahead. The final act was human error, the woefully incompetent design of the IT system and procedures was criminal negligence If you ever get to see a properly set up secure facility you'd see that there is no way a sensitive file gets to be on any IT equipment connected to the outside world. Try and access it from email you'll see nothing, try to copy the file across to the machine that does the email and (a) it won't and (b) an alarm will go off. And yet scammers successfully hacked the Metropolitan Police. How very dare you, I have been inside very secure facilities, I have carried documents that required me to carry a sidearm. You will probably scoff, but I assure you I'm telling the truth. |
|
|
|
Post by Steve on Aug 27, 2023 10:10:23 GMT
No they did not hack the Met. They hacked the subcontractor the Met didn't do proper due diligence or ongoing monitoring on and who clearly had a woefully inadequate IT system.
But hey ho some Met official got a bonus for finding a low cost bidder.
And have you ever used the IT systems inside secure facilities? I think not.
|
|
|
|
Post by wapentake on Aug 27, 2023 10:36:34 GMT
No they did not hack the Met. They hacked the subcontractor the Met didn't do proper due diligence or ongoing monitoring on and who clearly had a woefully inadequate IT system. But hey ho some Met official got a bonus for finding a low cost bidder. And have you ever used the IT systems inside secure facilities? I think not. He didn’t say he used IT in a secure facility did he said he’d been there,have you been in a secure facility? |
|
|
|
Post by Steve on Aug 27, 2023 14:09:01 GMT
No they did not hack the Met. They hacked the subcontractor the Met didn't do proper due diligence or ongoing monitoring on and who clearly had a woefully inadequate IT system. But hey ho some Met official got a bonus for finding a low cost bidder. And have you ever used the IT systems inside secure facilities? I think not. He didn’t say he used IT in a secure facility did he said he’d been there,have you been in a secure facility? I've been in MoD main building and given a detail description of how they stop protectively marked files being on networks and equipment they shouldn't be on and I've been in a highly secure intelligence centre about which I best say nowt and I worked for nearly 40 years in list X sites where they know a thing or a thousand about not putting sensitive information on insecure networks. Will that do? |
|
|
|
Post by wapentake on Aug 27, 2023 14:15:23 GMT
He didn’t say he used IT in a secure facility did he said he’d been there,have you been in a secure facility? I've been in MoD main building and given a detail description of how they stop protectively marked files being on networks and equipment they shouldn't be on and I've been in a highly secure intelligence centre about which I best say nowt and I worked for nearly 40 years in list X sites where they know a thing or a thousand about not putting sensitive information on insecure networks. Will that do? So you’ve been in a secure facility,oh bugger and they let you out  There’s no justice anymore………..open goal couldn’t resist  Btw I binned my op in the duplicate thread so if you do the same it should disappear. |
|
|
|
Post by Steve on Aug 27, 2023 14:19:18 GMT
and will do
|
|
|
|
Post by Red Rackham on Aug 28, 2023 6:17:58 GMT
No they did not hack the Met. They hacked the subcontractor the Met didn't do proper due diligence or ongoing monitoring on and who clearly had a woefully inadequate IT system. But hey ho some Met official got a bonus for finding a low cost bidder. And have you ever used the IT systems inside secure facilities? I think not. No I never used IT systems inside secure facilities! Why would you think I had? I doubt most people could imagine the secure buildings and facilities I was familiar with, albeit a few years ago now. There are, or were, some secret underground facilities in London right under people noses yet the local population knew nothing about them. |
|
