According to Silicon Republic, the Irish government is to run some cyber war games to test their responses and resilience to digital attacks.
That’ll be interesting; a few years ago the Irish government decided to implement a very unpopular and ineffective DNS-based copyright (and potentially censoring) system that drew the attention of a certain Guy-Fawkes-mask wearing hacktivist group. In no time at all the hackers posted admin passwords from the Department of Foreign Affairs (DFA), a group you’d expect to have superior security. I saw the list, and it was not much better than “Monkey” or “Password1” … actually “Password1” might have been one of them!
Hopefully the results of the tests will result in real changes to practices and design. I’m sceptical; I reckon tests/results will be moulded to minimise “bad results” and a knock on image. Plus an admin who uses “Password1” in a so-called-secure environment is the sort who won’t want to change.
Folks from efficient countries will think I’m being a cynic – people who live in Ireland know exactly what I mean (e-voting machines where the admin password was in the publicly available help button, a 10 year SAP project that exceeds departmental budgets, digital ticketing for public transport that makes us want to use paper stripe cards like most Euro cities, and so on).