Goto Blog Home PageRevell Research Systems: Alastair Revell's Web Log
On this page....
<May 2010>

RSS 2.0     Atom 1.0     CDF

Blog Roll
About Alastair Revell
Alastair Revell is the Managing Consultant of Revell Research Systems, a Management and Technology Consulting Practice based at Exeter in the United Kingdom.
Contact Alastair Revell
 EMail Revell Research Systems Limited Email Me
Legal & Other Notices
Sign In
The material published in this web log is for general purposes only. It does not constitute nor is it intended to represent professional advice. You should always seek specific professional advice in relation to particular issues. The information in this web log is provided "as is" with no warranties and confers no rights. The opinions expressed herein are my own personal opinions.

Web Log Home | Welcome to this Web Log | Using this Web Log | New to Blogs? | About Revell Research Systems | Contact Details

Review Entries for Day Friday, May 28, 2010
I welcome the two IT related bills in the Queen’s Speech. The Freedom (Great Repeal) Bill will limit the amount of time that the DNA profiles of innocent people in England and Wales can be held on the national database and will adopt the Scottish model. This seems to be much more proportionate than holding a blanket database of everyone’s DNA, which was where we seemed to be heading at one point. I believe that this would have led to all sorts of problems in the future. I think that this bill now strikes the right balance between bring criminals to justice and ensuring the privacy and freedom of innocent people.
More about Alastair Revell

Friday, May 28, 2010 8:46:40 PM (GMT Standard Time, UTC+00:00)  #
Comments [0] General | Trackback

Review Entries for Day Wednesday, April 21, 2010

I imagine that 21st April 2010 will be a day that McAfee will remember for sometime to come and probably one they would much prefer to forget!

The antivirus vendor issued its daily security update DAT5958 at 06:00 PDT (GMT-7), but by 13:00 BST (GMT+1) the update was wreaking havoc on many corporate networks in the United Kingdom, let alone the rest of the world!

The update affected Windows XP machines with Service Pack 3 applied, falsely detecting the svchost.exe file as Win32/wecorl.a. The vendor’s VirusScan product essentially prevented the svchost.exe file from running, causing Windows to endlessly reboot in many cases.

McAfee acted fairly quickly by pulling the affected virus definition file (DAT5958) from their download servers, preventing more customers from becoming involved in what must be one of the worst update issues to impact corporate networks for some time.

They released DAT5959 to replace the affected virus definition file at around 10:15 PDT (GMT-7).

This incident comes on the back of reports that many modern anti-virus products are failing to detect malware. I’ve just been reviewing Cyveillance’s February 2010 Cyber Intelligence Report, which suggests McAfee detects around 37% of emerging threats on a daily basis (based on data from the last half of 2009). Kaspersky came out on top with a daily detection rate of 38%, but many were much poorer - such as Symantec on 25%.

The time for relying on straight-forward anti-virus products seems to be coming to an end…

More about Alastair Revell

Wednesday, April 21, 2010 8:34:45 PM (GMT Standard Time, UTC+00:00)  #
Comments [0] Security | Trackback

Review Entries for Day Wednesday, January 27, 2010

I suspect many businesses and probably most members of the general public are unaware that the fees for notification under the Data Protection Act 1998 were changed with effect from 1st October 2009. The change was made through The Data Protection (Notification and Notification Fees) (Amendment) Regulations 2009 Statutory Instrument 2009/1677 laid before Parliament by Michael Willis, Minister of State in the Ministry of Justice, on 6th July 2009.

The annual notification fee has been £35 for all data controllers, regardless of their size, since 2000. However, from 1st October 2009, two-tiers of fees have been in force.
Essentially, small and medium sized-organisations with fewer than 250 employees or less than £25.9M turnover continue to pay £35 annually and are now defined as “Tier 1” organisations. All other bodies (including any public authorities defined in the 1998 act) will now fall into “Tier 2” and must pay £500 annually.
I think the general public have come to realise over the last couple of years just how important their data is and how easily it can be lost by cavalier organisations (including government departments!)
I welcome the change in the fee structure provided the extra funds taken are used to increase the Information Commissioner’s capability to ensure all of our private data is kept more securely by those with whom it is entrusted and that those who flagrantly breach the rules are brought to task.
Many businesses see the current fee as a stealth tax and I suspect a good number of the general public too. However, I hope with the increased funding that the Information Commissioner will be seen to be doing more to actively protect the public from cavalier data controllers by everybody.
These fee increases have been introduced ahead of new powers that will come into effect in April 2010 that will allow the Information Commissioner to fine people and organisations that recklessly breach any of the eight principles that underpin the act.
These new powers were introduced as part of the Criminal Justice and Immigration Act 2008, but will only come into force in April 2010.  The Information Commissioner will only be able to fine data controllers when one or more of the eight principles have been seriously breached in cases where the breach was deliberate, or where the controller knew (or ought to have known) that the risk of such a breach was likely to cause substantial damage or distress; and the controller failed to take action to stop it.
Hopefully, these new teeth will work in tandem with the new funding to ensure all of our personal data is kept much more safely.
More about Alastair Revell

Wednesday, January 27, 2010 4:21:41 PM (GMT Standard Time, UTC+00:00)  #
Comments [0] General | Trackback

Review Entries for Day Wednesday, January 20, 2010

Just a quick update to my earlier blog regarding the problems currently being faced by the University of Exeter. It seems the virus is exploiting known flaws in the Microsoft Vista and Microsoft Server 2008 platforms.

Zack Whittacker, who blogs for ZDNet, has a source inside the university here in Exeter. Apparently, the virus is mainly targeting Vista SP2 machines and the IT staff at the university are trying to use patch MS09-050 to reduce the attack surface.

It is understood that this virus has not been seen outside of the Exeter campus, but clearly demonstrates the disruption that a carefully crafted attack can cause.

There is a suggestion in Whittacker's blog that some critical patches had not been applied (using the Microsoft System Update Service).

We strongly believe that machines should regularly be checked to ensure that patches that should have been applied, actually have been applied. If the loop is not closed in this manner then these sorts of problems are eventually inevitable.

We are concerned that many SMEs, who often do not patch properly, may be at considerable risk if this virus escapes the Exeter campus.

In addition, I remain concerned about the zero-day virus threat. A virus that spreads quickly and easily such as this one, that exploits a flaw such as the one in Internet Explorer that saw Google hacked in China, with a drive-by infection capability on a site such as any of the international versions of Google would lead to huge economic disruption across the globe.

For starters, many people set Google as their home page, so in this apocalyptic scenario, they would be infected and spreading such a virus internally inside the organisational firewall without detection or defence the moment they went online...

More about Alastair Revell

Wednesday, January 20, 2010 9:11:14 PM (GMT Standard Time, UTC+00:00)  #
Comments [0] Security | Trackback

It seems that the University of Exeter is currently in the middle of a major virus outbreak, which has led to their IT team shutting down the entire campus network, including their telephone system in an attempt to contain the problem.

The attack appears to have started on Monday. The campus network was shutdown at around 2:00pm as a direct response to the threat. However, the problems seem to be continuing today (Wednesday).

The university’s home page suggests that staff and students are only able to access email externally using home computers and the like.

The communications advice issued by the university says that it “is currently experiencing a severe IT incident, and as a precautionary measure we’ve taken much of our network offline. Parts of the University are being brought back online today as soon as it is safe to do so. The University switchboard is online and can accept calls, but we are unable to transfer them to some affected areas of the University.”

Sources in Exeter suggest that the virus has not been identified, but it is thought that the university was deliberately targeted. Stuart Franklin, a spokesman for the university, speaking to the local evening paper, the Express & Echo, said: “We were attacked by a virus. It was a malicious attack. It is the first time I have known such an attack to succeed.”

It seems clear that this virus is extremely virulent and has managed to spread quickly and easily. This strongly suggests that it managed to circumvent the university’s antivirus systems and may have been akin to a zero-day virus.

Although a difficult decision, I believe that closing down the infrastructure in such circumstances is the right thing to do.

This incident should provide food for thought for many organisations. The cost of closing down a network is extremely expensive in terms of lost revenue and opportunities, even before the sheer amount of professional time spent checking systems and returning them to service is taken into consideration.

In fact, this sort of attack can cause immense damage to an organisation and is relatively easy to perpetrate, which has not escaped the notice of Lloyd’s of London Emerging Risks Team in their October 2009 report: ‘Digital Risks: Views of a Changing Risk Landscape’. The report states that “The value of data can vary enormously, but for some organisations it could mean bankruptcy.”

The interesting aspect to this attack is that the university believes it was “hit by the virus deliberately”.

I think we may see an increase in this sort of attack in the future. The recession has been very deep and many people with criminal intent and technical capability across the world may turn to cyber-crime.

In the first two weeks of January, we’ve seen the national governments of France and Germany warn their citizens about security flaws in Internet Explorer after an attack on Google’s site in China (along with some 20 other organisations), which Microsoft admitted late last week were part of the attack mechanism. The code that exploits these particular flaws were published on Monday, 18th January 2010 and there are already some reports of it being used maliciously.

Although the problems at the University of Exeter and the issues with Internet Explorer are probably not connected, the trend for increased, malicious attacks is clear. 

More about Alastair Revell

Wednesday, January 20, 2010 5:02:17 PM (GMT Standard Time, UTC+00:00)  #
Comments [0] Security | Trackback

Review Entries for Day Wednesday, December 02, 2009

I’ve been mulling over Michael Cross’ article of 23rd September 2009 for the Guardian web site for a while now, which was written in response to The British Computer Society rebranding itself as BCS The Chartered Institute for IT and announcing that it was revising its process for Chartered IT Professional (CITP) registration.

The article sported the contentious title: “IT can have its professionals, if they don’t get stroppy” with a subtitle of “Government and employers will not recognise IT ‘professionals’ if they are demanding as doctors and lawyers.” 

Mr Cross’ article highlights the tight rope that the Chartered Institute for IT walks as it tries to raise the level of professionalism in IT. The government is currently very supportive of the Institute’s moves to raise the bar in the IT profession, but Mr Cross rightly points out that “the trend could swiftly go into reverse if a new government finds IT professionals to be as stroppy and independent-minded as they find doctors and lawyers today.”
He continues: “Governments like taking expert advice – but only if it’s ‘Yes, minister’”, which certainly seems to be true with the recent resignations from various expert advisory panels because they apparently didn’t say what the current government wanted to hear.
The problem, of course, is that so called “stroppiness” is an important aspect of professionalism. A professional has a duty to their client to advise them when their actions are contrary to their professional advice and to point out the probable consequences.
It is precisely this lack of professional ethics that causes much of the damage to the public purse and, no doubt, many private purses too. As Cross chides in his article, “the IT industry isn’t shy about talking up its abilities” and he rams the point home with the anecdote that he has a corporate t-shirt that boasts a company slogan of “Mission impossible achieved”.
A major problem with the IT industry is that it is too heavily driven by sales hype that plays on the naivety of easily persuaded customers. Professionalism, on the other hand, is about telling the truth, whether the client likes the message, or not.
More about Alastair Revell

Wednesday, December 02, 2009 5:46:49 PM (GMT Standard Time, UTC+00:00)  #
Comments [1] General | IT Profession | Trackback

Review Entries for Day Saturday, October 31, 2009
Farmers Weekly has reported that the Rural Payments Agency (RPA) has lost the payment details of every farmer in the United Kingdom that has ever claimed a farm payment. The details include names and addresses, bank details, passwords and security questions and apparently were not encrypted. The number of farmers affected is believed to be around 100,000.
More about Alastair Revell

Saturday, October 31, 2009 3:01:56 PM (GMT Standard Time, UTC+00:00)  #
Comments [0] Security | Trackback

Review Entries for Day Monday, September 21, 2009
The British Computer Society (BCS) launched its new branding over the weekend and it is clearly setting an ambitious course. The changes clearly run far deeper than just the corporate colour change from blue to green. Firstly, it is obvious from the web site that it wants to fulfil a more global role rather than just one confined to the United Kingdom. It has conspicuously stopped calling itself The British Computer Society in favour of referring to itself simply as the BCS.
More about Alastair Revell

Monday, September 21, 2009 8:29:48 PM (GMT Standard Time, UTC+00:00)  #
Comments [0] IT Profession | Trackback

Review Entries for Day Thursday, September 03, 2009

I was pleased to just read a few moments ago on the BBC Web Site that the National Museum of Computing at Bletchley Park is to acquire the Harwell machine. It is the oldest computer in existence (depending on whether you classify the Collusus machine as a computer or not) and will definitely strengthen their growing collection.

I understand that the machine is to be dusted down and restarted as part of a renovation project. The machine was originally built and used by staff at the Atomic Energy Research Establishment at Harwell in Oxfordshire. It was designed in 1949, commissioned in 1951 and ran in regular service until 1973.

I think it is important that the IT profession looks after its heritage. We like to boast that a year in computing or Internet time is equivalent to just a few months. We need to realise that, if this is the case, that we are producing history at around four times the normal rate!

More about Alastair Revell

Thursday, September 03, 2009 5:43:56 PM (GMT Standard Time, UTC+00:00)  #
Comments [0] General | Trackback

RSS 2.0 Feed If you enjoyed reading an article on this blog, why not subscribe to the RSS 2.0 feed to receive future articles?
Revell Research Systems Logo Visit the Revell Research Systems Web Site if you want to learn more about this management and technology consulting practice.