Do British police get cyber security?

Didn't anyone think to secure that conference call a bit more thoroughly? It seems the access details for the dial-in conference call were emailed to relevant officials by way of an e-invite - an invite that somehow got forwarded to a non-Government account which had been compromised, allowing Anonymous to not only see the invite but secretly participate in the call as a silent listener.

That knowledge of the dial-in number and, presumably a login and password circulated in the same invitation mail, was all that was required as authentication is, frankly, remarkable. Especially as that email was, as I understand it, sent to more than 40 law enforcement officers in the US and across Europe.

But it gets even worse when you realise that each participant was given the same login code, so that anyone reading the email would be able to join the call. I would have thought the people on the forefront of fighting the war against insecurity might consider unique codes for each participant.

I could understand it if the conference call was the kind that I get a zillion invites to and involve a marketing man in the US extolling the virtues of the latest mind-numbingly boring product. But no two-factor authentication, which would likely have stopped the hackers in their tracks, for a call between law enforcement agency officials? Really?

Davey Winder

Davey is a three-decade veteran technology journalist specialising in cybersecurity and privacy matters and has been a Contributing Editor at PC Pro magazine since the first issue was published in 1994. He's also a Senior Contributor at Forbes, and co-founder of the Forbes Straight Talking Cyber video project that won the ‘Most Educational Content’ category at the 2021 European Cybersecurity Blogger Awards.

Davey has also picked up many other awards over the years, including the Security Serious ‘Cyber Writer of the Year’ title in 2020. As well as being the only three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) Davey was also named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro Magazine called ‘Threats to the Internet.’ In 2011 he was honoured with the Enigma Award for a lifetime contribution to IT security journalism which, thankfully, didn’t end his ongoing contributions - or his life for that matter.

You can follow Davey on Twitter @happygeek, or email him at davey@happygeek.com.