Articles about Audit

Dirty diesel backups will make Hinkley Point C look like a bargain

Britain signed off on the most costly energy deal it has ever made this week – but the price we agreed for energy from Hinkley is still lower than the peak prices that will hit British wallets even harder, and sooner. Current commitments to renewable generation will cost each household £466 by 2020/21, the centre-right think …
Andrew Orlowski, 30 Sep 2016

VESK coughs up £18k in ransomware attack

Exclusive Hosted desktop and cloud provider VESK is staggering back to its feet after paying 29 Bitcoins (£18,600) in a ransomware attack earlier this week. VESK became aware that one of its environments had been impacted by a ransomware virus on Monday (26 September) at 3am. This virus was a new strain of the Samas DR ransomware, …
Kat Hall, 29 Sep 2016

Internet of Things security? Start with who owns the data

“Defence is only as strong as the weakest link,” said Tim Phipps of Solarflare at today’s Cambridge Wireless event on security within the Internet of Things. Today's Cambridge Wireless event was part of its Special Interest Group focusing on security and defence. In particular, on securing and defending the Internet of Things …
Gareth Corfield, 28 Sep 2016

These five weird tricks will help you manage your hybrid cloud

When you get to a certain age, and you've been in the IT industry for enough years, you start to get an idea of what auditors are looking for when they descend on you and ask you pointed questions about your systems. And I don't just mean security auditors: if your company has an annual financial audit the team that come and …
Dave Cartwright, 28 Sep 2016

UK.gov is doing sod all to break £20bn of locked-in IT contracts

Analysis If IT wasn't perceived to be such a boring topic by Joe Public, the amount the government still spends on expensive clunky technology would be viewed as a national scandal. Across the entire public sector the annual figure has been pegged at around £20bn. No one knows for sure. As long as Whitehall's money is locked into …
Kat Hall, 28 Sep 2016

Sysadmin gets 5 years for slurping contractor payments to employer

A 49-year-old IT bloke from Essex has been sentenced to five years' imprisonment on two counts of fraud after his cunning plan to steal £450,000 from his employer was uncovered... almost immediately. Adeshola Dada, of Watts Crescent, Purfleet, Essex, was employed in the IT department of Genesis Housing Association, where he …

Woo hoo, UK.gov has unveiled yet another tech creche – for infosec

Plans are afoot in Westminster to burn even more taxpayers' cash by launching a new cyber-security startup accelerator in Cheltenham. The accelerator will be the umpteenth vehicle for funnelling money to muppets since the coalition government came to power. Other accelerators have included a military technology free-money …

Microsoft lets Beijing fondle its bits in new source code audit hub

Microsoft has opened a technology centre in China to reassure Beijing it does not have backdoors in its software. The so-called Transparency Centre is the third Redmond has opened to reassure governments that Microsoft's wares are secure. Redmond's trustworthy computing corporate veep Scott Charney says the centre will allow …
Darren Pauli, 20 Sep 2016

Spoiler alert: What Oracle is going to announce today

OpenWorld It's that time of the year again. Oracle's OpenWorld is in San Francisco. Supremo Larry Ellison has given his Sunday keynote. Here's a summary of what the database giant is going to reveal today in easily digestible chunks. And, yeah, warning: everything is now cloud. Anything you'd call an application or a software service is …
Chris Williams, 19 Sep 2016

UK.gov oughta get its data-sharing house in order before Digital Economy Bill plans

Analysis The government has a funny notion of how to tackle failure. When it comes to contracts, suppliers that have routinely messed up are handed more deals. When it comes to policy, approaches that have proved unsuccessful get dusted off and pushed with renewed vigour. The author who wrote "the definition of insanity is doing the …
Kat Hall, 19 Sep 2016

National Cyber Security Centre to shift UK to 'active' defence

The head of the UK’s new National Cyber Security Centre (NCSC) has detailed plans to move the UK to "active cyber-defence", to better protect government networks and improve the UK’s overall security. The strategy update by NCSC chief exec Ciaran Martin comes just weeks before the new centre is due to open next month and days …
John Leyden, 16 Sep 2016

'Inherent risk' to untried and untested 4G emergency services network – NAO

Plans for a new 4G emergency services network (ESN) to be used in life and death situations by the blue light services have been dubbed as "high risk," in a report from the National Audit Office today. The ESN will replace the expensive Airwave radio system used by the police, fire and ambulance services. It is expected to …
Kat Hall, 15 Sep 2016

So, Gov.UK infosec in 2015. 'Chaotic'. Cost £300m. NINE THOUSAND data breaches...

The Cabinet Office is failing to coordinate the UK's government departments' efforts to protect their information according to a damning report by the National Audit Office. The NAO found that the Cabinet Office failed in its duty and ambition to coordinate and lead government departments’ efforts in protecting such …

UK oversight body tipped to examine phone snooping tech in prisons

The secretive use of IMSI grabbers in the UK is set to receive oversight from the Interception of Communications Commissioner's Office (IOCCO). IOCCO is awaiting a formal request from the Prime Minister to provide oversight of the use of mobile phone eavesdropping devices in prisons, its head has confirmed to The Register. …

Brit spies and chums slurped 750k+ bits of info on you last year

More than 760,000 “items of communication” were obtained by British snoops – and others – in 2015, according to the Interception of Communications Commissioner’s Office’s (IOCCO) annual report. The report, which was published today and covers the annual year 2015, revealed for the first time an accurate scale of communications …

Typo made Air Asia X flight land at Melbourne instead of Malaysia

Finger trouble with onboard navigation systems led to an Air Asia flight making a two-hour internal hop in Australia before its scheduled journey to Malaysia. An investigation report by the Australian Transportation Safety Bureau (ATSB) into the March flight disclosed the cockup, which it said was down to the A330's captain “ …
Gareth Corfield, 07 Sep 2016

Universal Credit: 'One dole to rule 'em all' on verge of recovery – report

The disastrous £16bn one-dole-to-rule-them-all Universal Credit programme in the UK may be turning a corner, according to a report by think-tank the Institute for Government. The woes of the programme have been long-documented, with the National Audit Office three years ago revealing that the entire multi-billion programme had …
Kat Hall, 06 Sep 2016

ACCC mulls regulating roaming charges

The Australian Competition and Consumer Commission (ACCC) has sparked a Telstra-Optus love-in by looking into whether mobile roaming should be a regulated service. The regulator has announced a “declaration inquiry” into roaming. If the inquiry led to a declaration, it would mean domestic roaming charges (that is, when a user …

Australia's mobile black spot program was a partisan money hole

One in five new mobile phone towers built with Australian government money did more for telcos than for coverage-craving folk living in regional areas. That's the conclusion of the Australian National Audit Office (ANAO), which has assessed the government's Mobile Black Spot Program. Funded to the tune of AU$385 million ( …

L0phtCrack's back! Crack hack app whacks Windows 10 trash hashes

Ancient famed Windows cracker L0phtCrack has been updated after seven years, with the release of the "fully revamped" version seven. The password cracker was first released 19 years ago gaining much popularity in hacker circles and leading Microsoft to change the way it handled password security at the time. No new versions …
Darren Pauli, 01 Sep 2016

NHS slaps private firm Health IQ for moving Brits' data offshore

Health insurance and financial data management biz Health IQ is the latest outfit to have its wrists slapped by NHS Digital in the UK for failing to comply with data processing rules. A technical audit of Health IQ concluded the company had breached its Data Sharing Agreement with the NHS "by holding and processing data …
Kat Hall, 26 Aug 2016

Paper mountain, hidden Brexit: How'd you say immigration control would work?

At some point in the next few years we will be in a post-Brexit world, and the UK will have regained complete control of its borders. Or maybe not. At this juncture, it's worth taking a long hard look at how that might work. Spoiler: it won't. And that's because of two things, law and logistics. Those immediately affected by …
John Lettice, 22 Aug 2016

VeraCrypt security audit: Four PGP-encoded emails VANISH

Security researchers running a project to audit open source disk encryption tool VeraCrypt have been spooked by the mysterious disappearance or non-arrival of encrypted communications. The OSTIF (the Open Source Technology Improvement Fund) mounted an effort to get VeraCrypt independently audited at the start of August. …
John Leyden, 16 Aug 2016

HMRC: We've got £1.3bn for digital tax schemes. Tell us how to spend it

HMRC is casting around for ideas on how to splash £1.3bn in order to become the most "digitally advanced" tax administration in the world. Last year the body was awarded £1.3bn of digital investment over the next four years, which it said would yield £1bn in extra tax revenue after 2020 by ending "bureaucratic form-filling". …
Kat Hall, 15 Aug 2016

Adobe stops software licence audits in Americas, Europe

Adobe has stopped doing software licence audits in most parts of the world, according to Gartner research director Stephen White. White recently blogged about Adobe's decision, writing that “These programs were closed in the North America, Japan and Latin America markets as of November 2015. Closure of the EMEA program is …
Simon Sharwood, 12 Aug 2016

Raucous Ruckus router ruckus roundly rumbles: Infosec bod says Wi-Fi kit is weak, biz says no

Enterprise wireless hotspots from Ruckus can be trivially crashed and their login systems bypassed, Tripwire researchers warn. Ruckus confirmed there are flaws in its access points while playing down the seriousness of the bugs. Tripwire followed up a 2014 study into the insecurity of Ruckus routers with a new investigation …
John Leyden, 10 Aug 2016

Oracle to shutter License Services division – source

Oracle’s cloud sales drive may have claimed the giant’s Compliance and Optimisation License Services (COLS) unit. A source close to Oracle’s licensing operations has told The Reg COLS is in the process of being wound up as the company prioritises cloud sales for new hires. The software firm is less concerned about deals that …
Gavin Clarke, 10 Aug 2016

Your colleagues will lie to you: An enterprise architect's life

Enterprise Architects … well, among other things they design and build corporate infrastructures. It's very easy, though, for these highly technical masters of electronic wizardry to concentrate on making the technology work at the expense of the more tedious corporate governance stuff. Here are my favourite five things that …
Dave Cartwright, 10 Aug 2016

BBC detector vans are back to spy on your home Wi-Fi – if you can believe it

Updated The BBC's creepy detector vans will be dragged into the 21st century to sniff Brits' home Wi-Fi networks, claims the UK Daily Telegraph's Saturday splash. From September 1, you'll need a telly licence if you stream catch-up or on-demand TV from the BBC's iPlayer service, regardless if you've got a television set or not – phone …
Chris Williams, 06 Aug 2016

The bigger they get, the harder we fall: Thinking our way out of cloud crash

Cloud computing is wonderful, until it isn’t. A digital screw comes loose somewhere, and before you know it the whole engine has ground to a halt in a cascading cloud outage – or, as we like to call it, a cloutage. It has happened before, and Bryan Ford was very worried about it in 2012. Then a Yale Researcher, he published a …
Danny Bradbury, 29 Jul 2016

MPs reiterate risks of mega £10bn Aspire contract overhaul

UK MPs have warned that HMRC (HM Revenues and Customs) may struggle to overhaul its expensive £10bn IT systems with Capgemini, and that further cuts could ultimately waste more taxpayers' cash. The Public Accounts Committee (PAC) report published today said the body remains concerned that HMRC may struggle to integrate …
Kat Hall, 27 Jul 2016

Zero-day hole can pwn millions of LastPass users, all that's needed is a malicious site

Updated A dangerous zero-day vulnerability has been found in popular cloud password vault LastPass, which The Register has been told can completely compromise user accounts. Many millions of people can right now be compromised by merely visiting a malicious website using Firefox with LastPass's software installed, we understand. This …
Darren Pauli, 27 Jul 2016

Eurocrats to pore over Apache, KeePass code

The Apache HTTP server and KeePass password manager are to get a free code audit, courtesy of a pilot European Commission project. The EC-FOSSA (free and open source software auditing project) pilot was conceived by the European parliament in 2014, and given €1 million to work with. As well as code audits, it's got the …

Guess who gets hit hard by IR35 tax clampdown? Yep, IT contractors

IT contractors in Blighty could bear the brunt of UK government plans to clamp down on self-employed workers not paying the correct employment taxes - with HMRC targeting 20,000 public sector contractors. The taxman is currently consulting on whether to shift responsibility for compliance with the intermediaries legislation, …
Kat Hall, 22 Jul 2016

Really Scary Telecoms Stuff? Nah – telephony's just an app

In 2009, I moved to Jersey to become the network and telecoms manager for a multinational company. It was tremendous fun, as I had a variety of kit to play with. I tended to favour the Mitel 3300 ICP range (still do, actually) that supported about half of our offices, and I did the various engineer courses and exams for the …
Dave Cartwright, 20 Jul 2016

Top IT bod Sally Howes leaves the UK's National Audit Office

Sally Howes, the executive lead at the UK National Audit Office responsible for working with departments on their IT programmes, has stepped down after six years in the role. Howes joined the NAO in 2010 as a director, and was appointed executive leader with responsibility for digital and innovation in 2013. She also oversaw …
Kat Hall, 19 Jul 2016

Shelfware wars should be conceded, admits Microsoft compliance boss

The UK head of Software Asset Management (SAM) and Compliance at Microsoft, Mark Bradford, admitted at a recent seminar held by one of its enterprise licensing sellers Bytes that Shelfware issues “should be conceded”. Bradford said his group, responsible for working with channel firms to perform reviews of customers, didn’t …
Martin Thompson, 18 Jul 2016

Kids’ shoes seller Start-rite suspends sales following breach

Children’s shoes retailer Start-rite Shoes has suspended sales following the discovery of an attack by hackers last weekend. UK-based Start-rite reckons hackers may have obtained customer names, postal address, telephone number and email address of its clients. Payment details are not stored on the site and therefore should …
John Leyden, 13 Jul 2016

Student Loans Company burns £50 million in IT project superfail

Exclusive The UK's Student Loans Company has wasted £50m on a canned IT transformation project, designed to provide a “digital by default” system to cope with a major increase in student numbers. The programme was launched in 2013 in conjunction with the Government Digital Service and was intended to be a "robust and agile customer- …
Kat Hall, 13 Jul 2016

£8 BILLION is locked into UK.gov's failing IT schemes, El Reg analysis reveals

The UK government has £8bn locked into IT contracts which are at high risk of failure, according to an analysis of the Infrastructure Project Authority's accounts by The Register. Of 143 major projects representing £405bn of government spending, The Register identified 19 IT projects that were flagged as “red” or “amber/red” …
Kat Hall, 07 Jul 2016

Comms intercept commish: There were some top secret orders

An oversight body has revealed that secretaries of state for the Home Office and the Foreign and Commonwealth Office have issued at least 23 secret orders to telecommunications companies on national security grounds since 2001. The Interception of Communications Commissioner’s Office (IOCCO) has today published its 55-page …

Microsoft devolves sales ops powers to the UK

Microsoft has finally admitted its internal systems aren’t up to the job as it devolves control of sales operations from a centralised team in Europe to certain local country teams including the UK. Clare Barclay, GM for small, medium solutions and partners at the vendor, confirmed the shift will take place from “early 2017” …
Paul Kunert, 05 Jul 2016

Crown Commercial Services is to slap SMEs with price hikes

Government procurement body the Crown Commercial Service is to start hiking up the amount it charges suppliers to sell stuff to the public sector. CCS already pockets fees from government frameworks – last year taking a cut of £72m from the £15bn total managed spend it facilitated. However, it will now more heavily rely on …
Kat Hall, 04 Jul 2016

Michael Gove says Britain needs to create its own DARPA

Alasdair Gray, the acclaimed Glaswegian writer and artist, penned a phrase now engraved on a wall of the Scottish Parliament: “Work as if you live in the early days of a better nation.” Michael Gove, the controversial Caledonian Brexiteer, journalist and Conservative politician, has in turn declared his intention to seek the …

ACL-Sue: Civil rights warriors drag Uncle Sam to court for hacking laws

The American Civil Liberties Union (ACLU) says the US Computer Fraud and Abuse Act (CFAA) should be stricken for being unconstitutional. The civil rights group said in a filing [PDF] to the Washington, DC, District Court that the CFAA prevents researchers and whistleblowers from carrying out their work and violates both the …
Shaun Nichols, 29 Jun 2016

PAC slams UK.gov for lack of evidence-based science investments

The Public Accounts Committee has advised the UK government to take a more evidence-based approach when deciding spending on science projects, according to a report published today. The report comes at a time when the future of science funding hangs in the balance after the UK voted to leave the European Union. The EU gives …
Katyanna Quach, 29 Jun 2016

SWIFT hackers nick $10m from Ukraine bank

Hackers stole $10m from a Ukrainian bank by – yup, you guessed it – invading its computers and using the inter-bank transfer system SWIFT to shift their loot. The theft from an unnamed Ukrainian bank follows news of cyber-heists at other banks worldwide, most notoriously the lifting of $81m from an account held in New York …
John Leyden, 28 Jun 2016

Three men and a container engine: Let's commoditise this baby

Backgrounder Portworx Enterprise hits general availability in July to provide containerised storage for containers. The software runs on commodity servers, captures and aggregates their storage into a virtual SAN providing scale-out block storage, then provides storage for containers, at container granularity, and with a global namespace. …
Chris Mellor, 27 Jun 2016

Wanted: New cloudy head for UK.gov. 37 hour week, £90k salary

The UK government is hiring a Digital Marketplace director who will pocket £90,000 a year with a budget of £3.9m to lead a team of 38 digi procurement bods. The Digital Marketplace is intended to provide an online portal for various digital government procurement departments to buy new code. The director will also be …
Kat Hall, 22 Jun 2016

Breach-tastic Irish civil service payroll system facing audit

The data-haemorrhaging payroll system for Ireland's civil service is to be audited by the nation's Data Protection Commissioner. According to the Irish Times, almost 2,000 civil service staff were victims of a data breach back in April when their details were sent on a spreadsheet to a human resources manager in a government …