Editor's News

Businesses see the benefit of security and understand the threat, but technology remains challenging. If an executive were to say “I don't understand technology” they would be saying “I don't understand the world in which we operate”, according to Protiviti managing director Jonathan Wyatt. Speaking at a company event in central London, Wyatt said that cyber security is “dominating the risk agenda” as there is a realisation that attackers do not to be creative and...

A company can lose around £100,000 per hour during a distributed denial-of-service (DDoS) attack. According to Neustar's third annual UK and EMEA Distributed DDoS survey, 40 per cent of the 250 recipients estimate losses of over £100,000 per hour at peak times during a DDoS outage, while more than half of companies attacked have critical data stolen as a result of a DdoS. Rodney Joffe, senior vice president and technology fellow at Neustar, said that...

Businesses are becoming more reliant on free anti-virus software, as the technology improves at consumer level to match that of the paid for equivalent.   Speaking to IT Security Guru, Stuart Okin, director of EMEA at CIPHER Security said that one of the key trends that he sees is a move from using enterprise-edition anti-virus to free software, as investment is made in incident response software instead.   He said: “With file integrity monitoring, that...

Dr Bob Nowill has been named as the new chairman of the Cyber Security Challenge UK.   Replacing the retiring Judy Baker, who launched the challenge in 2010 and oversaw five winners, Nowill will take on the position from 1st April. Formerly a director of Cyber for BT and director of technology and engineering for GCHQ, he has been a board member of the Challenge and has been involved with the growth of the organisation...

Thousands of British Airways frequent flyer accounts were accessed after hackers used information collected from a third party to try to gain access to some accounts.   In a statement, BA said that the access was “login information relating to a different online service which you may have also used to access your Executive Club account”.   It said: “We would like to reassure you that, although it does appear that the login attempt was...

Gaming giants Sony and Microsoft may consider working together to combat DDoS attacks.   In an interview, Phil Spencer, the head of Microsoft, revealed that he doesn’t consider the PlayStation Network going down to be a positive event, and said that “all it does is put the fear and distrust from any gamer that’s out there”.   He said: “So I look at all of us together as this is our collective opportunity to share...

The RC4 protocol remains a troublesome part of the SSL, and weaknesses allow for a new Man-in-the-Middle attack vector. According to the new Hacker Intelligence Initiative Report from Imperva, titled “Attacking SSL when using RC4”, an attack which targets the very basic encryption which is used by SSL/TLS, as well as independently of SSL/TLS, can break supposedly sensitive communications. Around 30 per cent of SSL connections use RC4, despite the cipher being designed more than...

The Reform Government Surveillance (RGS) has issued a public letter urging Congress to reform the United States bulk collection practise. In an open letter, organised by the Open Technology Institute, and signed by the American Civil Liberties Union, EFF, Mozilla, Human Rights Watch and Wikimedia among others, it calls to reform section 215 of the USA Patriot Act, which currently serves as the legal basis for the National Security Agency’s bulk collection of telephone metadata and...

Threat intelligence is rapidly becoming an ever-higher business priority with a general awareness of the need to ‘do’ threat intelligence, but vendors are falling over themselves to offer a confusingly diverse array of threat intelligence products.   According to MWR senior security researcher Dr David Chismon, there is a risk that in the hurry to keep up with the threat intelligence trend, organisations will end up paying large amounts of money for products that are...

The Government needs to put in place mechanisms, people, education, skills, thinking and policies which take into account both the opportunities and the vulnerabilities which cyber presents.   According to a report from the House of Commons Defence Committee, titled “Re-thinking defence to meet new threats”, it is unclear as to how work on cyber warfare has developed in the Armed Forces. “The Government should tell us when it will finalise its doctrine and guidance...