- Sputnik International
World
Get the latest news from around the world, live coverage, off-beat stories, features and analysis.

'Do as I Say Not as We Do': UK Police Force Websites Lack Basic Cybersecurity

© Flickr / Blue Coat PhotosUK Police Force Websites Lack Basic Cybersecurity
UK Police Force Websites Lack Basic Cybersecurity - Sputnik International
Subscribe
The UK police force has come under fire after many websites were found to lack basic security software needed to protect private data, potentially exposing information to cybercriminals, according to new research.

A quarter of police-related websites in the UK are lacking a secure web connection and end-to-end encryption which could expose sensitive data to cybercriminals, according to research carried out by the Center for Public Safety.

The not-for-profit organizations found that almost a quarter of 71 police websites lacked an automatic secure connection and only one in four sites carried sophisticated security settings to deter cybercriminals.

"It's actually quite embarrassing for the police to give advice to the public about always looking for a secure Internet connection when so many forces don't have a secure connection themselves," Rory Geoghegan, director of the Center for Public Safety told Sputnik.

​"It's 2016, the Internet is not new, the cybersecurity threat is not new — and yet some police forces and their IT providers seems to think it is acceptable to pay large sums of taxpayer money for insecure technology. A quarter of forces aren't offering any encryption at all for the user or the service and this could have severe consequences for individuals," Mr. Geoghegan who carried out the research said.

The organization also found that more than 70 percent of the websites, many managed by police forces in England and Wales, invited users to submit personal data and information relating to criminal matters via an unsecure connection.

"So it someone was to provide information over a public wi-fi signal, the criminals could sniff out what was said," Mr. Geoghegan said.

"It might sound far-fetched but criminals are moving to online activities because that's where the rich rewards are, meanwhile the services charged with protecting us aren't up to the job."

Black Hats, White Hats & The Dark Web, A Quick Guide Through Cyberspace - Sputnik International
Black Hats, White Hats and the Dark Web: A Quick Guide Through Cyberspace
In the first independent assessment to be carried out into the cybersecurity of police force websites, the center's report found both areas for commendation and concern.

"London's Metropolitan Police Service spent US$134 million on a supplier and we didn't award their website top marks. Meanwhile rural force in Dorset, received top-marks for its web security despite having a much smaller budget. They clearly had the skills and knowledge to hold their suppliers to account," Mr. Geoghegan told Sputnik. 

More than 70 percent of the sites checked by the Center for Public Safety invited users to submit personal data, and in some cases specifically relating to criminal activity.

"One of the examples cited in the research paper includes a situation in which a man who lives on a housing estate is upset at the level of local drug dealing when his friend gets stabbed. So he goes to a coffee shop to use their website in an attempt to anonymously report his concerns to the police. However the connection is public and because there is no end-to-end encryption, people can see the information that is being shared, which can put his life in danger. We have to ask, do police leaders fully understand the risks?" Mr. Geoghegan said. 

Based on the analysis carried out the center, one quarter have secure connections and half of them have room for improvement, the remaining quarter are in need of serious and urgent improvement.

"It's seems to be, do as I say, not as I do, when it comes to cybersecurity," Rory Geoghegan told Sputnik.

Newsfeed
0
To participate in the discussion
log in or register
loader
Chats
Заголовок открываемого материала