Steve's Security Blog | @northvein

A well known high street supermarket received a fine from the Information Commissioner's office (ICO) yesterday. I had a look at the details and you can too.  It's not a vast sum but it should be cause for embarrassment. It should also be cause for concern for anyone working there who has anything to do with data protection given the approaching changes to the ICO's powers coming next year with GDPR .  There are still a lot of people who think GDPR will be the next Y2K - I've literally heard two separate groups of people say this. I think a lot of people think that the ICO is a paper tiger and if you pushed them for an example of their actions they'd at best recount TalkTalk's record £400,000 fine. I thought then it might be interesting to review all of the monetary penalties the ICO has issued since the start of this year up to yesterday. All enforcement notices can be viewed online  here .  ICO Monetary penalties - 01/Jan/17 to 17/Jun/17, Introdu

The media coverage of the recent major systems outage at British Airways is some of the worst I can recall reading. Essentially a national institution working in an industry synonymous with resilience, safety and preparation is making a drama out of a crisis and many technical practitioners are still trying to understand what happened.  In the most recent reports, it sounds like a contractor accidentally switched off the power in their datacenter and with it, toppled the first domino in a series which lead to 750,000 passengers being unable to fly and an as yet to be calculated compensation bill.  "It was not an IT issue, it was a power issue" -  British Airways  Nothing in the information they’ve released so far really explains how this course of events came to transpire nor does it provide any confidence or assurance around BA’s approach to business continuity planning (BCP) or disaster recovery (DR). Essentially, someone was able to gain access to and then p

Distributed denial of service (DDoS) attacks are now an established aspect of the threat landscape. The number of attacks reported continues to rise, as does the recorded peaks for the traffic they can deliver. ‘Booter’ services, the prevalence of poorly configured IoT devices and access to command and control operations for botnets like Mirai mean threat actors need relatively low levels of sophistication or competence to disrupt or completely disable unprepared organisations. Even those organisations that already have countermeasures in place must remain alert and aware to threat actors who adjust their tools, techniques and procedures (TTPs) to circumvent controls or exhaust and overwhelm defenders.  Booter Service “There is a lack of ultimate control associated with this attack. You can’t prevent attempts, and likely need to rely on help from some upstream allies to defend if/when attempts are made. If someone points their botnet at you, hopefully you have a p