U.K. Government Secure Intranet Administrator Account Hacked

The British Minister for Cabinet Office told in his speech at IA14, the government’s 2014 conference for cyber security and information assurance decision makers that an APT( Advanced Persistent Threat) attack took place on the secure intranet of the British government.

According to Francis Maude a state-sponsored hostile group gained access to a system administrator account on the Government Secure Intranet.

The British Minister told in his speech that cybersecurity requires technical innovation and entrepreneurial ambition, supported by skills and research, something that Britain has in abundance. The Minister stressed  in addition the growing opportunities that cyber technology offers.We cannot stop for a minute, we can always do more to protect us.

Part of Minister Maude speech;

Those who would do us harm have been busy over the past 2 years.

Perhaps the most high profile example was the recent attack on eBay. All it took was a small number of employee log-in details to be jeopardised for hackers to obtain the entire customer database. As a result 128 million people – equivalent to twice the population of Britain – had to change their passwords.

Earlier this year, the Heartbleed vulnerability emerged. The origin of that particular problem wasn’t even malicious – it was caused by a single simple error among reams and reams of code. I’m told that the code in question was written late on New Year’s Eve – which I’m sure has absolutely no connection whatsoever…

Most recently, we’ve faced Gameover Zeus – not just a virus, but a worldwide pandemic – with the power to intercept and redirect financial transactions from infected computers. These are just the ones we hear about; the ones that got through – others have been thwarted.

I can tell you of a recent case where a state-sponsored hostile group gained access to a system administrator account on the Government Secure Intranet. Fortunately this attack was discovered early and dealt with to mitigate any damage.

For that – and in many other cases – we can be thankful that we have some brilliant people working to keep us safe. They’re drawn from GCHQ and the security services, the armed forces, the police and National Crime Agency, the civil service, and of course the private sector too, but they share much in common. They’re bright, motivated and have bucket loads of expertise.

Many are in the audience tonight and I’d like to take this opportunity to thank them. Their work truly represents some of the best I’ve seen in the public sector.

By Mohammad Rafati

I write on Powershell, Hacking and Security topics. Follow me for the latest news.