Spooks take the wheel in UK's £650m cyber-war operations The British government's Cyber Security Strategy is giving the intelligence agencies a greater role than ever in defending business and the public against internet threats. The policy, released by the Cabinet Office on Friday, sketches a detailed framework on how the government aims to organise law enforcement efforts and …
“I’m slightly concerned that if the view of the threat landscape is too cyberwarfare/GCHQ-dominated, it may not always work to the best advantage of the private sector and home users, whose priorities and assumptions may be very different," Harley said.
This will be no help in selling 1/2 price security bloatware in PC World to Joe public and selling the anti-virus, vulnerability scanner, port locking, disk encryption, firewalls and rules analysers, IDS, IPS, HID, HIP, VPN setup tools, DLP, User provisioning, UAM tools, password vaults etc. to industry, all of which fail to stop even the simplest of DDOS attacks and do little to counter cyber warfare. They do allow industry to pass audits and comply with the law, and home users to say 'how did I get infected, I have anti-virus installed.'
Cyber attacks have been talked about for years, STUXNET seems to be the first to emerge to the public at large. The guys at GCHQ could and probably do write similar code, so currently are the best placed to advise how to defend against these types of attack.
The security industry will no doubt catch up with their fully featured latest security tool that will also secure your uranium enriching centrifuge or water pump, and is selling for 1/2 price at a PC World nearby.
Probably all sounds very believable to anyone not working in information security already...
The US Government spend an awful lot more supporting their businesses than the pawltry figure mentioned in this article and even that is borderline useless.
Still, I'm sure some people will enjoy the bragging rights of saying "I work with GCHQ!", same as others already do with "The NSA sends me intel".
The name's Bond, Premium Bond...because I've got about as much chance of success as coming up a winner.
Maybe this mention is not at the top of the list, and it does lack a hyphen, but here in the list of implementation details in the government report, 'Protecting and promoting the
UK in a digital world', is a thinly veiled reference to El Reg's critical and crucial capacity:
"11. Maintain capabilities that enable the UK’s freedom of action and cyber advantage [sic] and preserve our sovereign capabilities in niche areas. "
Who better to handle this arduous and needful task.
"The policy, released by the Cabinet Office on Friday, sketches a detailed framework on how the government aims to organise law enforcement efforts and improve the education of netizens on information security risks." ..... John Leyden
I don't know what documents you were reading, John, but the two that I read purporting to be the British government's Cyber Security Strategy, were not at all detailed and were of such a sketchy framework as to be of great comfort to anyone who would cyber skilled in the fabulous virtual arts. Every cloud though has its silver lining and in IT Clouds circles/layers is it no different, and that means that there are fantastic opportunities to excel at whatever one would wish to do in a practically open virtual field without leadership.
We need a consistent and up-to-date WHOIS database where an ISP's connection to the net depends on them having an abuse reporting address, and honouring notifications of abusive/destructive behaviour, whether from users themselves or the malware on their machines.
Such activity should be characterized as spamming, hacking, ddos, port scanning, etc, which is detrimental to the Net as a whole.
The vast majority of worldwide ISPs are delinquent, in that they simply ignore or reject complaints, assuming they even have an abuse address.
If there was a more robust system in place to marginalize those ISPs and restrict the services they can provide to their users, which will affect their bottom lines, then they might start to take notice, instead of continuing to abuse the whole net.
However, there is a dichotomy - most sites want users, hits, page views for ad revenue.
They are reluctant to ban rogue ISPs users, unless they are a consistent source of DDOS, but that is what may be required now to get some improvement done.
If more web providers could ban users based on their ISPs reputation, something would change. If the core providers on the net such as youtube, gmail, yahoo, hotmail and news sites suddenly started seriously blackholing routes (or diverting to warning pages explaining why, in native languages and what to do), from known rogue ISPs then they would surely start to clean up their acts and ensure their flocks behave.
Thanks to spamhaus and spamcop, spam from zombies is 99% blocked by those that use them. The rest is caught by spamassassin, SPF and DKIM. Spam that has any chance of getting through now originates from compromised gmail, hotmail or yahoo accounts. One hopes that the big email providers are dealing with these robustly, as simply banning their mail servers is not an option.
It is scandalous that many phishing subjects such as hmcg.gov.uk, natwest.co.uk etc still have no SPF record, let alone one with a "-all" option to at least try to protect the authenticity of mail from their domain names.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
