I fear undercover officers and their families could be in grave danger after the Met’s massive data breach, writes ROY RAMM – former commander of specialist operations at Scotland Yard
When I was running undercover operations for the Met, sending officers out to infiltrate criminal gangs, I could not have slept at night without knowing the force was protecting their identities.
As these men and women under my command were risking their lives for the job, keeping them safe was my highest priority.
So yesterday’s revelation that computer hackers had obtained the personal details of 47,000 Met Police officers and staff sent a chill through me.
Preserving the confidentiality of personal information, such as names and ID numbers, photos and vetting levels, is fundamental to security – and yet somehow these details have been accessed via a cyber attack on a contractor which was responsible for printing warrant cards and staff passes.
It’s hard to overstate how serious this could be. Not only are all the Met’s 35,000 serving officers at risk but in some cases the safety of their families could be jeopardised.
Police commanders responsible for undercover officers now face a very tough judgment call: Do they assume that their men and women have been compromised and pull them out? (File Photo)
Police commanders responsible for undercover officers now face a very tough judgment call: Do they assume that their men and women have been compromised and pull them out?
That’s a judgment that will have to be made on a case-by-case basis because, in certain circumstances, pressing the panic button could make a dangerous situation worse.
The very act of recalling them in the immediate aftermath of a highly publicised hacking operation could put them at greater risk of exposure.
Often the commanding officer will not know where his undercover police are at any given moment, who they are with or what they are doing.
Even sending an alert to let them know the secrecy of their personal details cannot now be guaranteed might inadvertently endanger them.
The Met faces the added fear that Royal Protection Squad officers are among those compromised. It is conceivable that urgent changes will have to be made to royal safety protocols.
London’s police force is not alone in suffering a catastrophic data breach, of course. Earlier this month, the personal details of all 10,000 staff of the Police Service of Northern Ireland were released in a bungled response to a Freedom of Information request.
Preserving the confidentiality of personal information, such as names and ID numbers, photos and vetting levels, is fundamental to security – and yet somehow these details have been accessed via a cyber attack on a contractor which was responsible for printing warrant cards and staff passes (Stock Image)
Who will be next to suffer a data leak on this scale? Top brass on every other force in the country must be worried that their database might be vulnerable.
We can’t yet be certain just how serious the Met hack is because we don’t know how the data was penetrated nor who is behind it. We can only hope that we are looking at a teenager-in-a-bedroom scenario.
More frightening, however, is the possible involvement of an organised criminal group. If this is the latest development in cybercrime, a step beyond targeting banks and firms, the chaos it threatens is almost unimaginable.
Criminals armed with this data could plausibly impersonate real officers, fooling not only members of the public but other police.
It’s not difficult to imagine how this could facilitate further data breaches. I don’t want to speculate about the more lurid possible outcomes – let’s leave prison breaks to the realm of shows such as Line Of Duty – but a full risk assessment on all police databases will have to be conducted as a matter of urgency.
But perhaps the most likely explanation of the Met’s cyber attack is that it is the work of state-backed hackers. Russia is the most likely perpetrator, but North Korea and Iran also have well-funded cyber warfare units.
That being the case, we can’t begin to guess how the information will be used. While this could merely be a warning shot to Britain, a reminder of the damage our enemies could cause if they wished, it could also be the precursor to sheer chaos, with highly sensitive data dumped on the open internet, as has happened with military secrets.
This makes it even more imperative that we find out how the hackers broke in and put in place unbreakable precautions to ensure it never happens again. The lives of police officers depend on it.
Source: Read Full Article
