
Data breaches/IT security failures at Sellafield, the British Library, the Guardian and UK businesses

Ultimately it’s the responsibility of Information Security in the NHS (is that what we are talking about?), to make sure that their 3rd party risk management is in order. And hopefully they are using comprehensive processes to monitor and secure their 3rd party systems and connections.
 
Ultimately it’s the responsibility of Information Security in the NHS (is that what we are talking about?), to make sure that their 3rd party risk management is in order. And hopefully they are using comprehensive processes to monitor and secure their 3rd party systems and connections.

Almost all of these happen because the security measures the people ticking all of the boxes thought were in place weren’t in place. This kind of thing is very hard to detect ahead of time through the supply chain
 
Exactly. Which is why you need a uniform process approach. One of my guys, when I worked in that field, designed a paper-based system so good that it’s now his bread and butter as a lecturer.
 
Exactly. Which is why you need a uniform process approach. One of my guys, when I worked in that field, designed a paper-based system so good that it’s now his bread and butter as a lecturer.
Interesting, do you know any more about it?

Lots of postit notes?
 
Now. It’s actually an Excel-based system of assessments and questionnaires, allowing to categorize suppliers based on the function of their product/software/design and architecture of their connections to other third parties. He found it lifts and shifts quite easily so he quit the corporation to sell it to others. Or at least he did. I don’t know what happened post COVID. I’m no longer in that world.
 
There's been a few since thread last posted on and this one explicitly pinned on Russia

I spoke to my GP earlier to arrange a routine cholesterol test. He said that there was no point taking one for at least four weeks, because they were not able to process any blood tests because of the cyber attack.
 
So supposedly recent breaches of TfL, Hackney council and Royal Mail
This website is interesting....
TfL hacked by 17 year old from Walsall
Possibly same kid doing MGM Resorts
22 year old from Scotland caught doing the same style hack
So maybe far from being Russian espionage

...talking of Russia that site has several stories about Russia being attacked by anti-Putin hackers
such as
 
Attribution is incredibly difficult to prove. And TTPs from threat actor groups will often use subterfuge and obfuscation.
I’ve seen leaked data from US weapons companies left on a server belonging to a Scandinavian bioethanol research firm. That time it was supposedly Chinese. Other times it was Russians or North Koreans.
Only common factor was the reporting entity of the Americans.
 
Attribution is incredibly difficult to prove. And TTPs from threat actor groups will often use subterfuge and obfuscation.
I’ve seen leaked data from US weapons companies left on a server belonging to a Scandinavian bioethanol research firm. That time it was supposedly Chinese. Other times it was Russians or North Koreans.
Only common factor was the reporting entity of the Americans.
in these cases they've made arrests but yeah could be a feint
 
In this case. And my experience of police forces is that they will see through an investigation where it is clear who the perpetrators are. Otherwise 🤷‍♂️
I have raised countless fraud cases with ncp. None followed up on.
I had to explain to Northumbria police what an IP address was way back in 2006 in order to assist them in their pursuit of a paedophile gang. We were also in a position to do what they couldn’t. And we did. And they were successful. But it was purely by accident or their luck.
 