- Email: [email protected]
Operation sundevil II?
February 1993
All those arrested have been released on bail pending further investigation.
Operation Sundevil I1? Indications in the US are that the Secret Service is on the verge of launching Operation S u n d e v i l II, a c c o r d i n g to a r e p o r t in Computerworld. Operation Sundevil - - launched two years ago as a dragnet against computer crime -- swept through 14 cities, shut down a number of online bulletin boards, seized 40 computers and 23 000 floppy disks. The original operation received considerable criticism for its ineffectiveness and heavy-handed manner. It is only to be hoped that lessons have been learnt and will be implemented in any second operation.
Nuclear Electric rejects concern over software safety Fears expressed by the British Computer Society's (BCS) safety-critical systems group, about the protection software at the U K's Sizewell B nuclear power station, have been rejected by Nuclear Electric. According to a report in Computing, Nuclear Electric commented: "We believe the systems are more than adequate, will fully meet the requirements of the Nuclear Installations Inspectorate (Nil) and are perfectly capable of validation". The BCS's letter to Nuclear Electric had criticised the Westinghouse system, it stated: "The software is highly modular and well structured. We understand, however, that the individual units are not isolated in such a way that a major error in one unit could not cause the guard line to fail. This is unsatisfactory." The Nil must still approve the software before the plant can go operational later this year.
Are banks obtaining customer data lawfully? The UK's Data Protection Registrar is to investigate suggestions that banks could be contravening the first principle of the Data Protection Act in the way that they obtain customer permission to use personal data.
©1993 Elsevier Science Publishers Ltd
ComputerAudit Update
According to a report in ComputerWeekly, John Lamidey, assistant data protection registrar, has expressed concern that clauses have been added to UK banks' application forms stating that customers must allow personal data to be used by all bank subsidiaries. This data would be held on a central database and used to sell other bank services to customers. The Data Protection Act states that information on databases must be processed and obtained fairly and lawfully.
BA's computerized dirty tricks campaign British Airways (BA) has overhauled its computer security procedures following a disclosure in the High Court that employees of the company used BA systems to access passenger data of its competitor Virgin Atlantic. According to a report in Computing, former BA employee, Esedig Khalifa accessed Virgin's files through BA's departure control system which Virgin uses as a backup to its own system. BA staff contacted Virgin passengers and proceeded to offer them tickets on BA planes claiming that Virgin flights had b e e n c a n c e l l e d . A BA s p o k e s m a n commented: "We have put technical barriers in place to ensure employees cannot gain access to Virgin passenger information, except where it is necessary to operate the system." BA as been ordered to pay £610 000 to Richard Branson, managing director of Virgin Atlantic, though BA is still open to prosecution under the Computer Misuse Act.
8LGM hacked through back doors Three members of the now infamous 'Eight Legged Grove Machine' hacker group, are standing trial at Southwark Crown Court in the UK. Neil Woods, Karl Strickland and Paul Bedworth, are charged with conspiracy to tamper with computer data and the illegal use of telecommunication networks. One of the defendants, Paul Bedworth, a student at Edinburgh University, is also charged with conspiring to gain unauthorized access to computers. According to a report in the Financial Times, Bedworth hacked into the FT's system
17
All those arrested have been released on bail pending further investigation.
Operation Sundevil I1? Indications in the US are that the Secret Service is on the verge of launching Operation S u n d e v i l II, a c c o r d i n g to a r e p o r t in Computerworld. Operation Sundevil - - launched two years ago as a dragnet against computer crime -- swept through 14 cities, shut down a number of online bulletin boards, seized 40 computers and 23 000 floppy disks. The original operation received considerable criticism for its ineffectiveness and heavy-handed manner. It is only to be hoped that lessons have been learnt and will be implemented in any second operation.
Nuclear Electric rejects concern over software safety Fears expressed by the British Computer Society's (BCS) safety-critical systems group, about the protection software at the U K's Sizewell B nuclear power station, have been rejected by Nuclear Electric. According to a report in Computing, Nuclear Electric commented: "We believe the systems are more than adequate, will fully meet the requirements of the Nuclear Installations Inspectorate (Nil) and are perfectly capable of validation". The BCS's letter to Nuclear Electric had criticised the Westinghouse system, it stated: "The software is highly modular and well structured. We understand, however, that the individual units are not isolated in such a way that a major error in one unit could not cause the guard line to fail. This is unsatisfactory." The Nil must still approve the software before the plant can go operational later this year.
Are banks obtaining customer data lawfully? The UK's Data Protection Registrar is to investigate suggestions that banks could be contravening the first principle of the Data Protection Act in the way that they obtain customer permission to use personal data.
©1993 Elsevier Science Publishers Ltd
ComputerAudit Update
According to a report in ComputerWeekly, John Lamidey, assistant data protection registrar, has expressed concern that clauses have been added to UK banks' application forms stating that customers must allow personal data to be used by all bank subsidiaries. This data would be held on a central database and used to sell other bank services to customers. The Data Protection Act states that information on databases must be processed and obtained fairly and lawfully.
BA's computerized dirty tricks campaign British Airways (BA) has overhauled its computer security procedures following a disclosure in the High Court that employees of the company used BA systems to access passenger data of its competitor Virgin Atlantic. According to a report in Computing, former BA employee, Esedig Khalifa accessed Virgin's files through BA's departure control system which Virgin uses as a backup to its own system. BA staff contacted Virgin passengers and proceeded to offer them tickets on BA planes claiming that Virgin flights had b e e n c a n c e l l e d . A BA s p o k e s m a n commented: "We have put technical barriers in place to ensure employees cannot gain access to Virgin passenger information, except where it is necessary to operate the system." BA as been ordered to pay £610 000 to Richard Branson, managing director of Virgin Atlantic, though BA is still open to prosecution under the Computer Misuse Act.
8LGM hacked through back doors Three members of the now infamous 'Eight Legged Grove Machine' hacker group, are standing trial at Southwark Crown Court in the UK. Neil Woods, Karl Strickland and Paul Bedworth, are charged with conspiracy to tamper with computer data and the illegal use of telecommunication networks. One of the defendants, Paul Bedworth, a student at Edinburgh University, is also charged with conspiring to gain unauthorized access to computers. According to a report in the Financial Times, Bedworth hacked into the FT's system
17