IT Essentials: Hanging by a thread

Penny Horwood
clock • 2 min read
Hanging by a thread
Image:

Hanging by a thread

The fabric of the state is crumbling, and that applies to the digital realm as much as the physical.

The Online Safety Bill finally cleared its last parliamentary hurdle this week and is set to become law by the end of the year. The government will breathe a sigh of relief that the battle to pass the highly contentious bill is, at last, over. Plenty of questions remain about the enforcement mechanisms available to the government, should Big Tech persist in its attachment to concepts like privacy but those are for later.

Computing respectfully(ish) suggests that the government now takes a look at the state of the digital public realm. Because while they've been arguing with Mark Zuckerberg and other representatives of Team Tech over whether technology which enables privacy only for good people exists (spoiler - it doesn't) it's become increasingly clear that the digital infrastructure holding data belonging to all of us, is in as parlous a condition as the physical fabric of the state. The cybersecurity framework in particular seems to have more holes in than a seventies-built primary school, and in both physical and digital worlds, bits are falling off.

The evidence? Well, we can start with the multiple attacks on police forces that were reported throughout the summer. Some of these were related to a third-party supplier, some were the result of apparent carelessness from staff, but all have resulted in the personal information of thousands of police officers being compromised and also in the case of Norfolk and Suffolk, confidential data pertaining to victims of crime, witnesses and suspects.

Then of course we have The Electoral Commission. In addition to the fact that hostile actors as yet unknown were able to lurk on the Commission's servers for well over a year helping themselves to who knows what data, it became clear recently that the Commission failed to meet the most basic cybersecurity standards around the time they were attacked. There have been attacks on schools and last week the National Audit Office warned that frontline troops could be affected by the creaking infrastructure at the MOD. Reports of data loss in the NHS due to cyberattack are commonplace.

The governments obsession with encryption has led them to overlook the blindingly obvious. Public sector digital infrastructure is crumbling in the face of continual cyberattacks and attitudes towards cyber security are unforgivably lax. Public data and public money deserve better care.  

Perhaps the biggest irony of the argument between the government and the tech companies over encryption and the possibility of client-side scanning being mandated is the apparent failure of certain ministers to realise that back doors, once opened, can be used by all sorts. The impression given of the digital public realm hanging by a thread doesn't exactly inspire confidence in the ability of those in charge to keep our data safe from those with ill intent.

 

You may also like
Rugby Union investigates 70,000-member data leak

Threats and Risks

Leaky S3 bucket has since been plugged

clock 28 May 2024 • 2 min read
Police service faces £750k fine for data breach

Threats and Risks

ICO reduces PSNI fine from £5.6 million

clock 24 May 2024 • 2 min read
Microsoft Build 2024: Five things to know about Copilot+ PCs

Artificial Intelligence

“We’re going to have a big refresh moment,” says Microsoft VP Mark Linton

clock 22 May 2024 • 7 min read
Penny Horwood
Author spotlight

Penny Horwood

Associate Editor focusing on diversity in tech and sustainability content.

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Public Sector

HMRC commits to killing legacy customs system...again

HMRC commits to killing legacy customs system...again

Thirty-year-old CHIEF system to be replaced by June

Tom Allen
clock 26 March 2024 • 2 min read
IT Essentials: Public pitfalls

IT Essentials: Public pitfalls

The private sector could shine this year, but there's a warning note

Tom Allen
clock 15 January 2024 • 3 min read
'You have to encrypt everything': Public sector security in the zero-trust age

'You have to encrypt everything': Public sector security in the zero-trust age

Years of high-profile breaches have spurred movement – at least overseas

Tom Allen
clock 18 December 2023 • 3 min read