With UK Climate Research Unit is hacked experts say great reason for secure collaborative working

61 million reasons for secure collaborative working as major UK Climate Research Unit is hacked

by Michael Smith (Veshengro)

21st November 2009 - Reports are coming in that the one of the UK's major Climate Research Unit (CRU) computer systems have been hacked and, says Cyber-Ark, the secure collaborative data sharing specialist, this is a classic casestudy for the reason why secure collaborative working systems exist.

"Details on this breaking story are still sketchy, but from what we know, around 61 megabytes of sensitive data were downloaded from the University of East Anglia's CRU servers and published on an anonymous FTP server in Russia," said Mark Fullbrook, Cyber-Ark's UK and Ireland director.

"It appears that the data stolen includes more than 1,000 emails and 70-odd documents that are highly contentious as regards the issue of global warming - something that various groups have alleged the governments of the world have kept a lid on for years," he added.

According to Fullbrook, it remains to be seen how explosive the data that has been stolen is, but unconfirmed reports suggest that the information is potentially embarrassing to several of the leading academics in the field of climate research in the UK and US.

What's interesting about the story, Fullbrook went on to say, is that the FTP link (http://ftp.tomcity.ru/incoming/free/FOI2009.zip) is on a Russian server that the data thief has chosen carefully – apparently for fear that the data might be taken down, when the server owners realize the political dynamite it contains.

However, by lunchtime of Saturday, November 21, 2009 the link comes up with “Object not found” and servers such as Tiscali immediately redirect to their search page.

Regardless of what happens in the aftermath of the data breach, Fullbrook said it is a textbook case of why secure collaborative systems like Cyber-Ark''s Inter-Business Vault exist. The big question, the Cyber-Ark director noted, is why the University's CRU hadn't installed some form of security on the potentially explosive data held on its servers.

And, he explained, with references to the US government's apparently negative stance on climate warming - which former vice president Al Gore has been trying to publicise for years - the data leak could cause severe ructions on Capitol Hill.

"Once the political fall-out from this data breach incident has settled, questions will undoubtedly be asked by those in charge about why better IT security systems weren't installed on the University CRU's servers," he said.

"I find it astonishing that politically sensitive data like this wasn't kept under highly encrypted protection. This data leak has the potential to add weight to the climate change cause, as well as acting as a case study on the need for secure collaborative data working," he added.

For more on the University of East Anglia CRU data leak fiasco: http://preview.tinyurl.com/yhdua5w

© 2009