View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 4, 2016

Remember Remember the 5th of November – Virtual Gunpowder, Cyber Treason and Bots!

Would a modern-day Guy Fawkes choose a cyber attack over a barrel of gunpowder?

By Ellie Burns

Disillusioned with the treatment of Catholics, 13 rebels planned to blow up the Houses of Parliament during the State Opening in 1605. The target – Protestant King James I, survived when Guy Fawkes was betrayed by one of his co-conspirators. The Gunpowder Plot, as it’s become known, was foiled and the gunpowder discovered before the fuse could be lit.

If Guy Fawkes were alive today, would he risk being caught in the bowels of Parliament with the barrels of powder or would he take a more ‘hands free’ approach?

 

Virtual powder kegs

We’ve already witnessed ‘virtual fireworks’ launched at the monarchy, government and many other public figures.

One recent example is the hacking of Pippa Middleton’s iCloud account. The relatively simple, yet deeply intrusive, attack resulted in private images of Kate Middleton, Prince George and Princess Charlotte offered for sale. Unfortunately, Pippa is just the latest name to be added to a long list of celebrities and public officials who’ve had their images and personal information hacked. Of course, family photos of the Royal children, while a gross invasion of privacy, shouldn’t be enough to overthrow the Royal family. However, not all electronic abuse is benign.

Of course, this isn’t the first time the Royals have been in the hackers’ cross hairs. In March last year, Prince William and Prince Harry, Kate Middleton and even Princess Eugenie and Princess Beatrice were warned to close their social media accounts and change passwords on the recommendation of Intelligence officers at GCHQ. It was suggested that cash rewards were being offered to any successful hackers who intercepted the Royals emails and private communications. While it’s not evident if any were successful, it’s unlikely to have been an isolated event.

london fireworks

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

Looking at public officials, the current US election is another example where cyber security is playing an active part. Last month, The US government formally accused Russia of hacking the Democratic party’s computer networks claiming that Moscow was attempting to “interfere” with the US presidential election. That’s before we add the current Hillary Clinton email-shaped smoking gun to the mix.

What all these attacks have in common is that the criminals didn’t have to come in physical contact with their victims. All were perpetrated remotely and virtually.

 

What’s lurking in the virtual sewers? Cyber conspirators of a virtual Gunpowder Plot? Continue reading to find out.

 

Hidden in the virtual sewers

Writing for a UK national newspaper, Minister for cabinet – Ben Gummer, warned that the UK was under attack from organised criminal groups, hactivists, untrained teenagers and even foreign states.

Just as the perpetrators come in many forms so to do the attacks. From Ransomware distributed via emails, vast denial of service attacks – such as that experienced on the East coast of America at the end of October to elaborate cyber attacks that wouldn’t be out of place in a Bond movie.

At the start of 2016, Lincolnshire County Council’s computer systems were hit by gunpowder-plotmalware, causing the systems to be shut down and affecting many of its services – including its libraries and online booking systems. This week Northern Lincolnshire and Goole NHS Trust were forced to shut down the IT systems again due to malware.

Other attacks are a little more elaborate. Who can forget the hack against the Ukrainian power grid that turned off the country’s lights and heating in December 2015. Rather than opportunistic, the hackers had carefully orchestrated the attack, performing detailed reconnaissance to plan and then perform the sophisticated assault.

Attacks against critical infrastructure could be at best disruptive and at worst result in hundreds of casualties to even loss of life. Hacks can cause economic damage and erode trust. For individuals it can be embarrassing or even financially crippling. And, as is playing out in America, it could even shape governments and win or lose an election.

 

Could spending more money on the cyber-defense grid defuse a modern day Gunpowder Plot? Find out on the next page.

Defuse the situation

With the global cost of cybercrime expected to explode over the next few years (costs estimated in the trillions globally in just a few short years), investment now is essential in staving off the impact.

The UK’s recently announced the National Cyber Security Strategy will see an increased spending in the cyber-defence grid and attacking the problem from multiple fronts, as it sets out to do, is a good idea.

Investment in prevention should see a reduction in the attack surface by improving email security and taking down malicious websites. This will of course require investment in technology as well as a workforce to manage and implement their strategies.

The additional investment in security startups through the innovation fund is also an important piece of the puzzle.

For the Royal family, politicians, and anyone else concerned they could be a target, here are some practical steps to protect themselves virtually:

  • For many, having strong unique passwords for the endless number of account logins that most of us have now days can seem overwhelming. However, we must resist the temptation of re-using the same password across multiple accounts.
  • If keeping up with the numerous passwords is just too much, consider implementing a password manager that can store all of your unique logins while requiring you to only remember one “master” password.
  • If you already have a strong and unique password, the next step is enabling two factor authentication. In most cases – such as iCloud etc., it is a simple text message code sent to the registered mobile device when accessing the account. Most cloud storage services offer this feature but typically it must be enabled by the user.

As we watch the explosions in the sky this Bonfire Night, its a good time for businesses and individuals to reflect on their own cybersecurity practices and consider doubling their efforts in the face of this ever-growing threat.

By doing so, hopefully a modern Guy Fawkes would be unable to gain access to the virtual underground corridors, or at least trigger an alarm so his presence can be detected before the powder is ignited.

Gunpowder Plot

A contemporary engraving of eight of the thirteen Gunpowder Plot conspirators, by Crispijn van de Passe.

Topics in this article : ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU