Tag: ministry of defence

MoD lost over 200 computers in the last year

The Ministry of Defence had 206 computers stolen in the past year, along with a number of BlackBerry phones and other mobile devices, department figures have revealed.

As well as the loss of computers, 34 BlackBerry devices went missing during the financial year 2011-12, as well as 24 other mobile devices.

The number of PCs and laptops being lost or stolen from the department is lower than the previous year, when 371 hardware items went missing.  There was an increase in the number of mobiles that were unaccounted for, including BlackBerry devices used by civil servants and Ministers for departmental business.  

MoD minister Mark Francois said in a statement that the department is looking at new ways to prevent the theft or loss of devices.

“The Ministry of Defence takes any theft of, loss of, attacks on, or misuse of, its information, networks and associated media storage devices very seriously and has robust procedures in place to mitigate against and investigate such occurrences,” the Conservative MP said. 
“Furthermore, new processes, instructions and technological aids are continually being implemented to mitigate human errors and raise the awareness of every individual in the Department.”

TechEye has approached the MoD to find out whether this includes the use of device tracking software, but is yet to receive a reply.   

Francois added that there has been no reason to believe that any sensitive information has been accessed as a result of the theft or loss of IT equipment.

“Following thorough investigations, the Joint Security Co-ordination Centre has not received any evidence that demonstrates that the information has been compromised,”  he said.

“A significant number of the incidents involve information that had been encrypted to government standards and, while the data was lost, the chance of compromise of encrypted information is deemed to be minimal,” Francois said.

Francis Maude to warn MPs on hacking threat

The Daily Telegraph has branded disgruntled hackers attacking big brands as “terrorists”, as Cabinet Office minister Francis Maude gets ready to brief MPs on a new cyber security initiative that hopes to combat attacks that cost the UK “billions”.

In its ‘terrorism in the UK’ section, the Telegraph warns that big name companies are increasingly facing attacks that bring them down on a ‘daily basis’. It did not point the finger at any specific groups.

Late last month, Paypal claimed in court that hackers afilliated with Anonymous cost it £3.5 million.

Francis Maude will later today outline details of a £650 million initiative that proposes to protect Britain from cyber attacks while also offering to outsource expertise abroad as a business venture, the Drum reports.

Just how much DDOSing companies who operate in the UK is costing the wider economy – considering the latest in the PAC tax fiasco that focused on just three firms – is up for debate. However, unnamed senior government officials told the Telegraph that they were shocked to hear from Adidas who consider online attacks part of a “daily routine”.

Aside from big business losing out, the official warned that the Ministry of Defence’s networks also get attacked daily, although he didn’t comment on just how much and the severity of the attempts. A former staffer at the MoD told us under condition of anonymity last year that the department faced thousands of botnet attacks a day – and that many of them came from China, with the attacks decreasing ‘significantly’ when Chinese IP addresses were blocked.

There were also attacks against Britain’s critical national infratructure (CNI), and that the official’s department spends “an awful lot of our time helping and advising members of the CNI to protect their infrastructure”.

The official conceded that part of the conversation now is understanding options in the cybersecurity space – including offence.

Cambridge study claims UK overspending on antivirus

A government backed study has claimed that too much is being spent on antivirus software in the fight against cybercrime, but this is a view one security expert believes is too simplistic.

A study at the University of Cambridge has concluded that the amount spent on preventing computer based criminal attacks is out of proportion to the cost of the threat itself.

The study, described as the first systematic estimate of the direct and indirect costs of cyber crime, claims that more should be spent on actually apprehending criminals rather than in the anticipation of the events.

Previous reports into the cost of cybercrime have been deemed wide of the mark. A Cabinet Office backed study reported that online criminality is hitting the UK economy to the tune of £27 billion every year.  This figure has been disputed by industry figures.

In fact, the report claims that the online scams are costing citizens on average a few pennies a day.  

Each year, the country spends US$1 billion on fighting threats,  with $170 million going on antivirus software. This contrasts with $15 million spent on law enforcement.

The “straightforward conclusion” that the researchers draw from this is to “spend less on defence and more on policing”.

This contrasts with the view of MPs recently backing calls to invest more in cyber crime awareness campaigns such as Get Safe Online, which aim to stop cybercrime becoming a problem in the first place.

Speaking with TechEye, Security expert at Sophos, Graham Cluley, said both prevention and policing are required.

“It seems very simplistic just to say let’s stop spending money on antivirus and let’s go and get some cops,” Cluley said. “We need to invest in fighting computer crime both on the legal level and protecting your computer”.

“It is not an ‘either’ ‘or’, you need both of these things,” Cluley said. “Anyone who goes online without antivirus software and goes browsing around the web will pretty quickly come to the conclusion that they should have got some antivirus”.

Cluley believes police time spent fighting crime is admirable, but it is difficult to provide immediate protections against cyber criminality.

“Sometimes these investigations take years to gather all the evidence and bring people to justice,” he said. 

“In the meantime you are going to have to do something lse to protect your computer as well,” Cluley said.

MoD contracts company to kill multi-vendor nightmare

Britain’s Ministry of Defence has given the green light to a company called PB Partnership to work on proof-of-concept software which promises to cut down on multi-vendor products on the battlefield.

PB Partnership touts itself as a company that specialises in developing software specifically for the battlefield and “other challenging environments”. Now, the MoD thinks that PB’s 2iC software can co-ordinate military tech from current suppliers.

PB claims that the 2iC software helps military gear work together “seamlessly” in difficult environments. The company says that there’s no software on the market right now which will let technology for war operate together – so that cameras, sensors and computer systems can operate side-by-side without a hitch and effectively as one piece of equipment.

PB says that is why 2iC is vitally important. Rather than struggling with kit that doesn’t talk to each other, 2iC, PB claims, unifies everything and frees up the time of soldiers.

Good news for critics of the spendthrift MoD, then, if PB is to be believed – because you can cut out the chaff involved in forcing systems into working together. 

The company believes its software will be able to understand the language of multiple vendors and that it doesn’t require a deep understanding of each to do so, whether it’s proprietary or open. 

PB’s project is backed by Selex Galileo’s Battlespace Solutions Business Group and Ultra Electronics, Command & Control Systems, which sound very scary.

According to a statement, the proof of concept demo should surface in March 2012. Terms of the contract were not disclosed. 

China's ZTE opens infrastructure testing in London

Chinese ZTE is one of the most fascinating companies doing the rounds right now, and it is moving in next to major internet hubs for the United Kingdom, the telehouses hosted in London’s Docklands. 

Its innovation centre has opened, which is a network and development project – the first of 10 it plans to open around the world. It will sit next to a QiComm data centre. The plan is for ZTE to test its infrastructure live for both wired and wireless networks. It will be housed in Greenwich View, just down the road from the heart of the UK’s financial sector. 

MD of ZTE UK, Jim Jing Hui, said in a statement: “ZTE is now a force to be reckoned with in the UK telecoms infrastructure market.” Indeed, it wants its paws in every other pie too, from consumer electronics all the way back up to infrastructure. And it’s succeeding. 

Although ZTE claims it will be helping the UK boost its infrastructure, there may be other concerns.

Rival Huawei was recently turned down for offering wireless networks on the London Underground in time for the Olympic Games. Security reasons weren’t made public, but industry watchers noted that a company entrenched with the Bank of China and the Chinese military operating a huge network essential to business and close to government should have raised eyebrows.

High level government security breaches often see the finger pointed squarely at China, while Lawmakers in the United States have voiced similar worries about ZTE’s ties at home. A source close to the Ministry of Defence in the UK told us last year that blocking malicious IP addresses from China would significantly lower the amount of attacks on UK IT systems, until they found another way around. 

Along with Huawei, ZTE is busy reassuring the world and its dog that it has nothing to worry about.

Both are already rolling out infrastructure worldwide, not just in the APAC region but across Europe and, they hope, the America too.

Soon enough relatively cheap technology from China will be powering the world. 

 

MoD spends £6 million on BlackBerrys

Details have been revealed of departmental government spend on mobile devices with costs in some spiralling into the millions.

Conservative MP for Finchley and Golders Green, Mike Freer, sent written questions to Whitehall demanding a breakdown of the amount of officials given mobile devices and the amount spent in total on handsets and “related data services”.

The highest costs landed with the Ministry of Defence, which provided comprehensive figures including more than just officials as requested, with the total for Ministers, civil servants and armed forces as part of the Defence Fixed Telecommunications Service hitting £6.6 million for an array of BlackBerrys and 3G data cards.

This included a total of 45,306 devices given to employees.

For officials, the Transport Department showed the largest usage – with 7,757 officials split across its seven executive agencies accounting for an impressive £1.5 million spent on devices.

It seems with a freeze on pay increases in the civil service the Transport Department has taken to handing out free mobile devices to all of its staff as a form of compensation.

Meanwhile 1,741 staff handed a mobile at the Department for Health drummed up costs of £738,301 “including contract and usage charges”.

Of this expenditure, Minister for Health Simon Burns recently highlighted a loss of equipment including the ubiquitous RIM BlackBerry and Lenovo laptops due to theft amounting to £13,166.

Other answers show that the Department for International Development handed 728 officials mobiles, with a total spend of £222,789, though Secretary of State Alan Duncan was unable to provide a full estimate of the overseas spending due to the cost of collating the data – which does not exaclty bode well.

The Department for Communities and Local Government also doled out 725 mobiles to its staff at a cost of £113,000, while the Northern Ireland Office spent £13,957 on mobiles and services to 52 staff, and the Scotland Office provided 27 members of staff with £12,757 worth of freebies.

Army computer system overpays by £783,347

An error in the use of a new British Army computer payment system has meant that junior army officers have been forced to pay back a sum of money following an overpayment amounting to over three quarters of a million pounds.

Early this week Conservative MP for North East Milton Keynes Mark Lancaster said in a Commons Debate that cash amounting to £783,347 had been erroneously given to recipients on various pay grades due a mistake made in data entry into the much maligned Joint Personnel Administration system.

“After the introduction of joint personnel administration-the new payment computer system in the Army there has been a problem with some junior ranks in the British Army being effectively overpaid for a number of months,” he said. “That has amounted to a sizeable sum for some individuals. I do not think any fair-minded person would suggest that that money should not be paid back; it is an overpayment and we would all expect to pay it back.”

“It should not have to be paid back in a single lump sum in one pay cheque; those concerned should be allowed to pay the money back over time.”

The overpayment of an incremental pay increase in fact went undetected for three years due to it being split over a large period of time, with a total of 485 officers receiving between £1,000 and £3,000 dependent on pay grade.

A source at the Ministry of Defence told TechEye that, as Mr Lancaster said, those who received the over payment would not be forced to pay back the sum in one go, claiming that the MoD would not be doing anything to cause financial hardship. 

Furthermore it is not within legal guidelines to take more than three days wages from a salary of one month.  Of course it may come as little comfort to those who are continuing to pay off the mistake, as, while they may not have noticed the extra money coming in, it is fair to say they will certainly miss it going out.

The MoD source was adamant however that the overpayment was not due to a fault within the system, which it insists works fine – rather a human administrative error involving the transfer of details.

MoD gives £11m defence contract to Saab

The Ministry of Defence has awarded Swedish auto maker Saab a contract to provide Counter-IED (Counter-Improvised Explosive Device) training for the British Army.

Saab appeared over the moon about the contract today, issuing a statement trumpeting about the one-year contract. And it’s hardly surprising as, according to Saab, it is worth an estimated £11 million.

“Saab has developed a new modular training system to meet the evolving need to train troops in counter-IED,” said Gunilla Fransson, head of business area security and defence solutions within Saab.

“The system will be used prior to and on operations in remote environments with embedded personnel. I am fully convinced that this capability will save lives.”

According to Saab, the training will be delivered by its newly developed instrumented training system ATES C-IED. This is described as a “fully instrumented tactical engagement system developed to meet the training needs of current and future improvised explosive devices threats and the wider aspects of counter insurgency”.

Saab will provide a managed training service with expert field teams to support the use of ATES C-IED as well as delivering post-action analysis. The company said the system supported the rapid adaptation of TTP:s (Tactics, Techniques and Procedures) and the equipment necessary for units to remain “steps ahead of potential adversaries”.

Saab said it started working with the MoD in September 2009 when it was asked to help the army address the C-IED threat more effectively. By last December, Saab had recognised that most of the training and evaluation capability already existed – and the shortfall was based on the need for objective evidence about the use of the Hand Held Metal Detectors.

It added: “By using existing technology in an innovative manner, Saab was able to integrate a prototype module in less than 53 days. With a better understanding of the need the MoD were able to set a Concept Demonstrator Demonstration contract on Saab. Over the months of September and early October 2010, Saab trained 1612 personnel from 16 Air Assault Brigade before their deployment on operations.”

The MoD contract was therefore awarded to a Scandinavian, not British, company. We’re not sure if this was because British companies lacked the tech know-how for the job – or were just too expensive.

We contacted the MoD to ask them about their policies for dishing out multi-million pound contracts. They are working on a response for us.

Meanwhile, experts today warned that the government’s spending review would boost the push for IT offshoring.

Sarah Burnett, Ovum senior analyst, said the review, expected on Wednesday, would bring little unexpected news for the IT industry.

She explained: “The government’s policy for cutting public sector IT expenditure has been made clear through the imposition of a moratorium on new IT investment, spending limits set for the future and on-going negotiations with IT suppliers to push down costs of existing contracts.

“The reality of the cuts is that government departments and suppliers will be left with little choice but to go for the cheapest options for service delivery and that will boost the push for off-shoring.”

Burnett said demand for off-shoring would first grow as a result of the government’s negotiations with existing IT suppliers to deliver the same for less – offshoring is one way for suppliers to deliver the requisite cuts in prices.

In addition, the spectre of a 25-40 percent reduction in spending would boost demand for business process outsourcing (BPO) among government departments. Burnett highlighted that fact that when costs are the primary driver for change, BPO becomes an attractive proposition.

She continued: “The government and suppliers still have political barriers and legal hurdles to deal with: the voting public is unlikely to approve of public sector jobs going off shore and legislation such as the Transfer of Undertakings (Protection of Employment) Regulations 2006 (TUPE) means that benefits such as public sector pensions have to be considered in prices as part of the transfer of services to outsourcing companies.

“Despite this, offshoring is being considered by the industry.

“However, the situation in local government will be different where elected members are expected to continue to oppose offshoring and to push for change that boosts jobs and businesses locally.”

* Update: An MOD Spokesperson said: “Counter-IED operators deploying to Afghanistan are benefiting from cutting edge technology developed by SAAB. The new training has been introduced as an urgent operational requirement and will help troops detect the deadly devices planted by the enemy that are killing and injuring Afghan civilians and ISAF troops alike.”

A Saab spokesman told TechEye that about 80% of the jobs created by the new contract would be British. He said at least 30 people in the UK would work on the training project.

Computer could reveal Army major a spy

Confusion reigns over whether an Indian Army major had been sending secret emails to Pakistan.

The Army and the Ministry of Defence think that the Army major based in the Andamans was the victim of a hacking by Pakistan. But spooks at the National Investigation Agency (NIA) are not so sure.

The major was brought back to the Indian capital for questioning by the NIA  after US intelligence picked up some unusual traffic from his computer.

US spooks were looking into the activities of Lashkar-e-Taiba operative David Headley. They found a user in Andaman and Nicobar Islands dispatching to a computer in Pakistan a picture of a serving Indian brigadier who was attending a training programme in the US.

The Indians started looking at the major and found that sensitive information was being accessed from two proxy servers one of which was based in Pakistan.

A forensic report has also pointed out that some key files and e-mails were deleted from the computer after it was seized by authorities.

The major has pleaded ignorance and the army and the defence ministry have ruled out espionage, saying it was a cyber security breach.

The NIA say that the major had been breaching the stringent Official Secrets Act. He had more than 2,500 defence presentations on his personal computer, much beyond his sphere of work. Some of these files, the sources said, are “secret and even top secret”.

The computer is currently with the Central Forensic Science Laboratory (CFSL) in Hyderabad. 

Ministry of Defence workers leaking information on Twitter

Ministry of Defence workers have leaked vital information and secrets on social networking sites like Twitter and Facebook.

In the past 18 months, 16 leaks have been recorded by the MoD, and ten staff have reportedly been ‘disciplined’. These workers could work in any part of the Ministry of Defence including the Armed Forces.

The information came to light when a London PR agency made a freedom of information request on behalf of security vendors, F-Secure.

Although Facebook and Twitter are not banned from the MoD, as they are in so many private sector offices, there is a departmental code which advises employees: “Remember you are a member of HM Forces/MOD civil servant. Observe the same high standard of conduct and behaviour online as would be expected of you in your professional or personal life.”

F-Secure was, of course, on hand to give out advise and tell us all how awful it is, blaming foolish employees and tricky Facebook settings that might outfox an MoD worker.

“It’s worrying that employees in sensitive positions have been sharing confidential information via Twitter and other means,” said F-Secure’s security expert Mikko Hypponen

“They might think they are confiding in friends or family when they go on Facebook. However, the recent changes in Facebook’s privacy settings might make them disclose information to the world. This is a potential security risk.”