Do British police get cyber security?
Davey Winder listens to telephone conversations between the FBI and the Metropolitan Police, courtesy of Anonymous, and isn't impressed.
Didn't anyone think to secure that conference call a bit more thoroughly? It seems the access details for the dial-in conference call were emailed to relevant officials by way of an e-invite - an invite that somehow got forwarded to a non-Government account which had been compromised, allowing Anonymous to not only see the invite but secretly participate in the call as a silent listener.
That knowledge of the dial-in number and, presumably a login and password circulated in the same invitation mail, was all that was required as authentication is, frankly, remarkable. Especially as that email was, as I understand it, sent to more than 40 law enforcement officers in the US and across Europe.
But it gets even worse when you realise that each participant was given the same login code, so that anyone reading the email would be able to join the call. I would have thought the people on the forefront of fighting the war against insecurity might consider unique codes for each participant.
I could understand it if the conference call was the kind that I get a zillion invites to and involve a marketing man in the US extolling the virtues of the latest mind-numbingly boring product. But no two-factor authentication, which would likely have stopped the hackers in their tracks, for a call between law enforcement agency officials? Really?
In This Article
BIOS security: The next frontier for endpoint protection
Today’s threats upend traditional security measuresDownload now
The role of modern storage in a multi-cloud future
Research exploring the impact of modern storage in defining cloud successDownload now
Enterprise data protection: A four-step plan
An interactive buyers’ guide and checklistDownload now
The total economic impact of Adobe Sign
Cost savings and business benefits enabled by Adobe SignDownload now