TalkTalk advised not to talktalk about their breach?

Advent IM

According the International Business Times, the Metropolitan Police advised TalkTalk not to discuss their breach. (you can read the article here)

Here, in conversation on the topic , is Advent IM Directors, Julia McCarron and Mike Gillespie and Security Consultant, Chris Cope.

Chris Cope small headshot Chris Cope

“This is interesting as it shows the 2 different priorities at work.  For the police, the key aim is to catch the perpetrator.  This often means allowing an attacker to continue so they can be monitored on the network and their activities logged and traced without causing them to suspect that they are being monitored in such a way.  The Cuckoos Egg details how the Lawrence Berkeley Lab famously did just this in response to a hack of their system.  However, TalkTalk have a duty of care to their customers.  If personal information could be used to steal money, then they must weigh up the…

View original post 434 more words

Advertisements

Why would anyone want to hack the weather?

Advent IM

A review of the news of the BoM attack  from Security Consultant, Chris Cope.

Image courtesy of Stuart Miles at FreeDigitalPhotos.net

Or more precisely, why would anyone want to hack the Australian met office?  Well, its happened and officials are quick to announce that the damage will take millions of dollars to fix and that China was responsible for the hack.  Its not the first time that allegations have been made against Chinese hackers and, with the information available, it is pure speculation for non-official sources to speculate on how accurate the Australian allegation is.  But what is interesting is the close links between the Australian met office and the Ministry of Defence.  The nature of the links aren’t specified, but for an attacker looking to infiltrate the Australian Ministry of Defence, the obvious ways in are more than likely to be heavily protected.  But what about subsidiaries?  Could the Australian met office represent a weak link? …

View original post 140 more words

Cyber Monday top tips

Advent IM

Cyber Monday is upon us again.. or should I say #cybermonday. Anyway, I asked our Security Consultants to come up with some top tips to help you shop a bit more securely for your Christmas gifts and decorations. Thanks to Chris Cope and Del Brazil for this.

  • HTTPS (other online vendors are available)   Always check for the padlock or green URL to confirm the ID of the website. If your security software is highlighting a problem then don’t ignore it;
  • Use secure passwords on websites you set up accounts with;
  • Pay on credit card if possible to gain on insurance;
  • Use reputable websites, sites that look too good to be, true usually are;
  • Be wary of being transferred to another webpage –Don’t follow links emailed to you, visit the website yourself;
  • Make sure no one is looking over your shoulder capturing your card details etc;
  • If there are any issues…

View original post 31 more words