Connect with us

Cyber Security

PM: We must find source of UK-US trade document leak



Image copyright Getty Images
Image caption Jeremy Corbyn holds up the leaked documents at a press conference on 27 November

Boris Johnson has said an investigation is needed into the source of leaked documents on UK-US trade negotiations posted on Reddit.

Labour says the documents show the NHS would be at risk under a post-Brexit trade deal with the US.

On Friday, forum website Reddit said unredacted documents were uploaded as “part of a campaign that has been reported as originating from Russia”.

It has suspended 61 accounts that showed a “pattern of coordination”.

The government said it was looking into the matter with help from the National Cyber Security Centre.


Speaking on Saturday, Mr Johnson said “we do need to get to the bottom” of the leak but said he had seen “no evidence of any successful interference by Russia in any democratic event in this country”.

The Culture Secretary Nicky Morgan said this all pointed towards foreign involvement: “I understand from what was being put on that website, those who seem to know about these things say that it seems to have all the hallmarks of some form of interference.”

Labour’s shadow transport secretary Andy McDonald reiterated his call for Mr Johnson to release an intelligence report into Russian covert actions in the UK, which No 10 has been accused of suppressing until after the election.

Advanced negotiations

In a post on its site, Reddit did not provide any further details about the evidence behind its conclusions, nor did it identify any specific individuals.

The BBC has approached the Russian foreign ministry spokesperson but they have yet to comment.

The contents of the documents have played a significant part in Labour’s election message on the NHS, after Mr Corbyn highlighted them at a press conference on 27 November.

The Labour leader said the papers were evidence that the UK government was in advanced stages of negotiations with the US to open up the NHS to American pharmaceutical companies.

Labour have not said where they obtained their copy of the documents.

Media playback is unsupported on your device
Media captionJeremy Corbyn defends sharing leaked US-UK trade documents

A version of the documents, heavily redacted, was also produced by Mr Corbyn at an earlier leader debate on 19 November.

At the time, Labour said these were the result of a Freedom of Information request by campaign group Global Justice Now.

The dossier was posted on Reddit more than a month prior to Mr Corbyn’s announcement, prompting questions about how they got there – and why few people seemed to notice them before.

‘Double-edged sword for Labour’

Analysis by political correspondent Jonathan Blake

A bit like journalists never reveal their sources, Labour are quite happy to focus on what these documents say rather than where they come from.

If you look at where Reddit’s comments leave the discussion, it’s both helpful and slightly problematic for Labour.

On the one hand, people are asking “where exactly did you get those documents from?” Remember, they were online in their unredacted form for several weeks before Labour brought them to everyone’s attention.

But at the same time, we’re still talking about these documents and what Labour claims that they show – that the NHS is up for sale, in their words. Boris Johnson and the Conservatives flatly deny that.

So it’s a double-edged sword for Labour.

For the Conservatives, you’ve got this uneasiness around Russian interference in an election campaign – which isn’t good for them because attention will turn to the report by Parliament which the government hasn’t released.

And that’s not very helpful for the Tories either.

Speaking on Saturday, the Labour leader said the controversy surrounding the source of the documents was “nonsense” and accused Mr Johnson of wanting to “hide the issues and the truth” over the future of the NHS in trade deals.

Mr Johnson said the documents “didn’t prove what Jeremy Corbyn and the Labour party hoped it would prove” adding “it was just another distraction from the void at the heart of Labour’s policy on Brexit”.

Media playback is unsupported on your device
Media captionBoris Johnson says leaked US-UK trade documents are ‘just another distraction’

Neither UK nor US governments have disputed the authenticity of the documents.

The BBC’s security correspondent Gordon Correra said crucial questions remained as to how the document circulating online originally appeared.

He said there would be a significant difference between a state-led operation from Moscow which hacked the material and then leaked it as opposed to someone who is based in Russia simply opportunistically using an already leaked document to cause mischief.

“That question is one that national security officials will be trying to answer.”

Read more:

Cyber Security

Johnson will defy US and allow use of Huawei, says top security adviser




Chinese firm poised to help build UKs 5G phone network despite warnings about spying

Boris Johnson is likely to approve the use of Huawei technology in the UKs new 5G network against the pleas of the US government, a former national security adviser has said.

Sir Mark Lyall Grant, who was Theresa Mays national security adviser, said that the security services had repeatedly concluded over several years that they were able to mitigate any potential threats posed by the Chinese technology.

The US has warned the British government it would be madness to use Huawei technology and senior Washington officials have said numerous times that the Trump administration would reassess intelligence sharing with the UK in light of such a move.

However, UK security figures dispute the claim and Britain has already used some Huawei technology in previous mobile networks. A final decision is expected later this month.

Lyall Grant told the Observer: This has been gone into now by three different administrations, and I think the outcome is quite likely to be the same that the intelligence agencies are expressing confidence that they can sufficiently mitigate any potential security threat to allow Huawei to continue to provide at least the non-core telecommunications equipment for 5G rollout. The government has developed an oversight mechanism which they are confident will work.

Combine that with the fact that Huawei has more advanced technology than the alternatives, I think it is relatively likely that Boris Johnson will come to the same conclusion.

Two of Britains biggest telecoms companies, BT and Vodafone, are understood to be drafting a letter to Johnson, setting out their support for Huaweis involvement in 5G.

Last night, a senior Huawei executive, Victor Zhang, said there was simply no justification for banning the company on cyber security grounds.

After looking at the facts, we hope the government agrees so that our customers can keep the UKs 5G roll-out on track and meet the prime ministers promise of gigabit connectivity for all, he said.

Giving Huawei the go-ahead to continue supplying equipment will mean telecoms companies have access to the best technology and the breadth of suppliers they need to build secure, resilient and reliable networks.

The dispute was a sign that Britain would be repeatedly asked to take a side in disputes between the US and China, Lyall Grant added. The interesting thing about Huawei is that it is the first, but by no means the only issue on which the risk is over the next decade, we are going to be pressured to choose, he said. And that is a choice that on some issues the UK government is not going to want to make.

Read more:

Continue Reading

Cyber Security

Now It’s Really, Truly Time to Give Up Windows 7




Two days ago, I finally gave up Windows 7. I don't dislike Windows 10, but there's just always been something special about Windows 7. It was svelte. It actually ran faster and took up less hard drive space than its predecessor, the much-maligned Windows Vista. It looked great. We Windows users could finally hold our heads a little higher around Mac users. And, well, I didn't know how well Windows 10 would work on that old Windows 7 laptop, or how much time it would take to make the transition.

But Microsoft forced my hand. Tuesday is the last day that Microsoft will support Windows 7. "If you continue to use Windows 7 after support has ended, your PC will still work, but it will become more vulnerable to security risks and viruses," the company says. In other words, if you don't want to leave your computer open to ransomware and other threats, you better upgrade.

I was far from alone in my procrastination. A poll of IT professionals last year by Spiceworks, a social and online network for the IT industry, found that 79 percent of respondents still had at least one Windows 7 machine in their organization. About 25 percent said they didn’t expect to finish upgrading by now. Updates are always painful for large organizations. Many companies, nonprofits, and government agencies probably will keep running Windows 7 despite the risks and despite having had years to plan for the transition.

Organizations tend to overestimate how quickly they'll migrate to newer operating systems. In a 2013 poll by Spiceworks, 26 percent of respondents projected that they wouldn't migrate away from Windows XP before Microsoft ended support for that operating system in 2014. But Spiceworks found that about 32 percent of respondents were still running at least one machine with Windows XP last summer.

Fortunately for me, my upgrade to Windows 10 was pretty easy. And Microsoft says it will fix particularly important security issues for users who shell out for "extended support"; the company has been known to release security fixes even after it has officially stopped supporting a product.

IT departments can take steps to protect systems that are no longer supported. But they need to be proactive. "If organizations put their heads in the sand, they're going to get bit," says Chris Tillett, senior security engineer at information security company Exabeam. "You could be reading that your local hospital is sending your data to some criminal enterprise."

Why Companies Don't Update

Windows 7 was released in 2009. It was followed by Windows 8 in 2012 and Windows 10—the current version—in 2015 (there was no Windows 9). That might sound like plenty of time for organizations to migrate, but it’s never that simple. Some organizations may not want to—or be able to—shell out for new hardware and software. Plus, Windows 8 was notoriously unpopular because it didn’t have the traditional "Start" button. Many IT departments didn't want to support the operating system for fear that their help desks would be flooded by questions from confused users, says Peter Tsai from Spiceworks. That means PCs purchased as recently as 2015 may still be running Windows 7.

The biggest reason organizations hold on to older operating systems, Tsai says, is the need to run older "legacy" software that might not run correctly on newer operating systems. Backwards compatibility has long been a big priority for Microsoft, but it's not possible to guarantee everything that ran on older versions of Windows will work on a new version. Marc Capellupo, another Exabeam security engineer, says security improvements in Windows 10 might prevent some older applications from working correctly if they try to access parts of the operating system that are now locked down. The only way to be sure that old software works with new systems is to test it, and that takes time and resources. Even if an application will work flawlessly on Windows 10, an organization might delay an upgrade until it's been thoroughly tested. At large companies, with hundreds of thousands of users, an update from one version of an operating system to another can take years, Tillett says.


It’s getting easier to migrate applications from one operating system to another, Tsai says, because newer software is often web-based or built with cross-platform tools like the Java programming environment. But many industries, such as utilities, manufacturing, or financial services, still use decades-old software that can't easily be replaced, says Jason Christopher, principal cyber risk adviser at the industrial technology security company Dragos.

When millions of dollars, or people's lives, are on the line, companies are reluctant to replace software that still works, even if that means having to run outdated operating systems. Some companies still have ancient IBM mainframes, and others might run MS-DOS in virtual machines.

In cases where organizations have to run old, unsupported software and operating systems, IT departments typically do their best to secure systems in ways that don't depend on getting security updates from Microsoft. One of the most common strategies, Christopher says, is to isolate outdated systems from the internet or from other parts of the network.

For many companies looking to keep their systems safe, one answer will be still more software. According to Spiceworks, 59 percent of IT pros expect to use artificial intelligence or machine learning to detect security threats.

Read more:

Continue Reading

Cyber Security

Microsoft Warns of Unpatched IE Browser Zero-Day That’s Under Active Attacks




internet explorer zero day vulnerability

Internet Explorer is dead, but not the mess it left behind.

Microsoft earlier today issued an emergency security advisory warning millions of Windows users of a new zero-day vulnerability in Internet Explorer (IE) browser that attackers are actively exploiting in the wild — and there is no patch yet available for it.

The vulnerability, tracked as CVE-2020-0674 and rated moderated, is a remote code execution issue that exists in the way the scripting engine handles objects in memory of Internet Explorer and triggers through JScript.dll library.

A remote attacker can execute arbitrary code on targeted computers and take full control over them just by convincing victims into opening a maliciously crafted web page on the vulnerable Microsoft browser.

“The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user,” the advisory says.

“If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”

Microsoft is aware of ‘limited targeted attacks’ in the wild and working on a fix, but until a patch is released, affected users have been provided with workarounds and mitigation to prevent their vulnerable systems from cyberattacks.

The affected web browsing software includes — Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 running on all versions of Windows 10, Windows 8.1, and the recently-discontinued Windows 7.

Workarounds: Defend Against Attacks Until A Patch Arrives

According to the advisory, preventing the loading of the JScript.dll library can manually block the exploitation of this vulnerability.

To restrict access to JScript.dll, run following commands on your Windows system with administrator privileges.

For 32-bit systems:

takeown / f% windir% system32 jscript.dll
cacls% windir% system32 jscript.dll / E / P everyone: N

For 64-bit systems:

takeown / f% windir% syswow64 jscript.dll
cacls% windir% syswow64 jscript.dll / E / P everyone: N
takeown / f% windir% system32 jscript.dll
cacls% windir% system32 jscript.dll / E / P everyone: N

When a patch update is available, users need to undo the workaround using the following commands:

For 32-bit systems:

cacls %windir%system32jscript.dll /E /R everyone

For 64-bit systems:

cacls %windir%system32jscript.dll /E /R everyone
cacls %windir%syswow64jscript.dll /E /R everyone

To be noted, some websites or features may break after disabling vulnerable JScript.dll library that relies on this component, so therefore, users should install updates as soon as they become available.


Continue Reading