British Government Departments And Private Organizations Combat Cyber-attack

By Author: eccuni
Total Articles: 211
Comment this article

Websites of government departments, private bodies and businesses in United Kingdom (U.K) are under constant cyber-attacks. The attacks may originate from cybercriminals, activists loyal to foreign countries, and rival intelligence agencies. Recently, George Osborne, the Chancellor of U.K's exchequer revealed that government networks face over 20,000 e-mail attacks every month. The Chancellor revealed that computer systems in Treasury department alone were subject to hundreds of security breach attempts by rival intelligence agencies during 2010. The attacks aim at stealing confidential government documents. In one of the cases, attackers swiftly circulated a malicious e-mail, strikingly similar to a legitimate e-mail on G-20 Summit. The attackers replaced the legitimate attachment with a file containing malicious code. French government departments also faced similar attacks during the G-20 summit.

Recently, the website of Public and Commercial Services Union (PCS) suffered cyber-attack, resulting in severe technical problems. Information security professionals are investigating the incident. Preliminary investigations ...
... suggest that Union's site was target of distributed denial-of-service (DDoS) attacks. The attacks have caused disruption in services to legitimate users. Usually, attackers use compromised computers to initiate simultaneous requests to a target resource. The high volume of traffic either causes complete disruption of services or causes the target website to respond slowly to legitimate requests. The Union has around 290,000 members, and is one of the largest trade Unions in the U.K. According to the Union, investigations have not revealed any loss of member data. The attack comes just days before the annual conference of the Union in Brighton.

The cyberspace has provided a convenient platform for rival countries, and cybercriminals to launch information warfare or steal confidential information. Government bodies and business organizations must constantly evaluate the strength of the IT infrastructure to deal with the sophisticated threats emanating from the Internet. Loss of classified information may have serious repercussions on the national security. Professionals qualified in IT degree programs and security certifications may help in timely identification and remediation of security flaws.

Information security awareness among employees is crucial to defend an organization's computer systems from malicious attacks. E-learning and class-room training programs may help employees to understand various security threats, security tips, incident management procedures and best practices in information security. Organizations may also make mandatory for employees to undertake online IT degree programs to ensure adherence to safe online computing practices. They must have adequate mechanisms in place to monitor implementation of security policies and guidelines. They must counsel erring employees to adhere to the IT security policy of the organization.

Organizations and government departments must adhere to the security advisories, install latest software, web browsers, and intrusion detection and prevention systems. IT professionals must replace default passwords on devices, with stronger unpredictable passwords. IT professionals may benefit from Online IT courses to upgrade their technical skills in accordance with the latest threats. Organizations must have proper patch management policy in place to schedule, identify, prioritize and apply relevant security updates to computer systems and network devices. They must constantly monitor traffic to websites, identify discrepancies, and block suspicious IP addresses.