IT Essentials: No honour among thieves
The criminal with a conscience doesn't exist
Local government does the grunt work, but criminals are putting the most vulnerable in society at risk - and we need to stop making excuses for the ones who don't.
A few months ago, I had to deal with my local council at very short notice. All I needed was a signature, but I needed it that week to prevent a house purchase - seven months in the making - from falling through.
I thought I was out of luck; there was no way local bureaucracy could ever move that quickly. Those fears seemed to be confirmed when it turned out that the first person I needed in a chain of approvals only worked at the council one day a week.
Lo and behold, it did work out and I was able to buy my house, albeit with a lot of standing around and looming to make sure I wasn't forgotten, and I'll always be grateful to the people working there for their help.
In the UK, as in most modern democracies, local government does the grunt work. While the national government concerns itself with the big picture, like debt, taxes and whether it's cheaper to fly people to Rwanda than process them in Kent, local councils are looking after bin collections, tree felling and childcare. They are the frontline of service provision, and also one of the least protected attack surfaces in the UK.
A cyber incident at Leicester City Council, this week confirmed to be a ransomware attack, has thrown that fact into stark light. Essential services like child protection, homelessness support and adult social care were affected, putting some of the most vulnerable members of society at risk. The same group, INC Ransom, was also behind a recent attack on NHS Dumfries & Galloway in Scotland. Honourable criminals, they ain't.
As a society, we love stories about criminals with a conscience. Whether it's a ban on targeting children, respect for the elderly or protecting women, something about a bad person with a heart of gold keeps drawing us in. Occasionally, stories even crop up about cyber gangs apologising for their actions. Inevitably someone will call them "one of the good ones," as if there's a sliding scale of data theft.
It should be obvious, but I'll say it anyway: there is no such thing as a good criminal; the clue is in the name. Ethics are discarded as soon as they're no longer profitable or convenient. So please, let's stop making excuses and giving cyber gangs leeway because they had the grace to put peoples' jobs, rather than lives, at risk.
We'll be talking more about this subject at the Cybersecurity Festival on the 2nd May. Spaces are limited, so sign up for your free place now.
Recommended reads
Germany is renowned for its efficiency, but its green credentials took a hit in 2023 when it phased out nuclear power. The country's rail operator, Deutsche Bahn, has stayed on track though, using Kubernetes to build its own energy monitoring system for real-time visibility. John Leonard sat down with Dr Gualter Barbas Baptista at Kubecon in Paris to learn more.
Silos are anathema to most IT leaders, but in most companies the entire IT department operates separately from the wider business. That wasn't acceptable to Richard Corbridge, CDIO at DWP Digital, and he explained to me how he set about to stomp silos when he joined last April.