Sunday, 26 June 2011

Has the UK Census data been hacked?

A rumour was circulated last week suggesting that the UK Census data from 2011 had been hacked. The data is held by the UK's Office for National Statistics and collated and stored by the US firm Lockheed Martin. Neither organisation was able to immediately deny the story, which first appeared on a website called Pastebin.com (see http://pastebin.com/K1nerhk0).

The light-hearted posting to that site reads,
Greetings Internets,
We have blissfully obtained records of every single citizen who gave their records to the security-illiterate UK government for the 2011 census

We're keeping them under lock and key though... so don't worry about your privacy (...until we finish re-formatting them for release)

Myself and the rest of my Lulz shipmates will then embark upon a trip to ThePirateBay with our beautiful records for your viewing pleasure!

Ahoy! Bwahahaha... >:]

Cap'n Pierre "Lulz" Dubois

Interestingly, the fact that neither the UK Office for National Statistics nor Lockheed Martin could categorically deny that such an attack had taken place, suggests that the data is held on internet facing computers. Furthermore, they do not seem to have great confidence in their own security procedures, as they must have believed that there was a chance the data could have been stolen.

A day after this news first surfaced, the British Police and the US FBI arrested 19 year old Ryan Cleary from Essex, allegedly on suspicion of hacking Facebook.

The British newspaper the Daily Telegraph was typical in the manner of reporting of this story (see http://goo.gl/uNK8t). The headline reads, "Ryan Cleary, the Essex teenager suspected of masterminding an international computer hacking ring...". This makes him sound something like Ernst Stavro Blofeld, the leader of the evil criminal organisation Spectre, which James Bond spent so long fighting.

However, further down the article we then learn that Mr Cleary, "...suffers from ADHD and Emotional Behavioural Disorder, tried to hang himself when he was ten and was expelled from both his primary and secondary schools for disruptive behaviour." This suggests he's a sad, spotty geek hiding in his back bedroom and hitting lucky on hacking some poorly secured web-sites, rather than an evil mastermind aiming to rule the world.

The loose grouping known as Lulzsec was then fingered as being the outfit behind many of the recent sophisticated hacking attempts, with Cleary suggested to be their "Leader".

The whole story seems to be a laughable attempt by newspapers and government to create some demon organisation that we can all hate. And now, just to further add to the fun, Lulzsec have announced that they are disbanding, which has created even more press interest, (http://www.bbc.co.uk/news/uk-13918458). But what is there to disband? Do we imagine there is an office block somewhere housing a crew of determined hackers, trying to bring down big business?

The truth is that these hacking "Groups" (such as Lulzsec, and also Anonymous) are unlikely to be anything other than a very disparate collection of individuals all acting with one common aim. In the same way that Al-Qaeda is the terrorist bogeyman which is not just one entity, so we seem to have to give a name to these hackers.

I do not doubt that there are a large number of such hackers, some of whom are capable of hacking major organisations such as Sony and the CIA. But the idea that they are from one organisation which can decide to switch such attacks on or off is simply fanciful.


____________________________________________________
If you enjoyed this blog please consider donating £1.00!
Sign up for our Monthly Newsletter
The IT Dept offers computer support services in Lancashire, including Monthly On-Site or Remote Support Contracts; Secure Online Data Backup; Domain Hosting; Server and Desktop Sales; Software Supply & Installation. We cover all of Lancashire, including Chorley, Preston, Blackburn, Darwen, Bolton, Wigan, Blackpool, etc.
© Michael Donkin 2011