CYBER Insights » THREAT INTEL: Fight or Flight …Same Intel, same Message, same Expertise – very different response

THREAT INTEL: Fight or Flight …Same Intel, same Message, same Expertise – very different response

Image Credit: Wälz/Pixabay
Image Credit: Wälz/Pixabay

Gibraltar: Wednesday 26 June  2024 at 11:50 CET

THREAT INTEL: Fight or Flight …Same Intelligence, same Message, and same Expertise – very different response 

By Andy Jenkinson – Guest Contributor |  Group CEO Cybersec Innovation Partners
via IainFRASER.net/CYBERInsights
First for SME Cybersecurity News

#CyberInsights  #Cybersecurity #WhitethornShield #InternetSecurity #DNS #PKI

THREAT INTEL: Fight or Flight …Same Intelligence, same Message, and same Expertise – very different response …

On the 11 January 2023 the Federal Aviation Administration closed down the entire U.S. air space due to losing Command Control of their critical Notice to Airmen (NOTAM’s) servers. This was only the second time in history the Federal Aviation Administration took such action. The atrocities of 9/11 being the first.

We assisted the Federal Aviation Administration that day by identifying the ‘issues’ for which they thanked us for in the first attachment below.

In June 2023 The University of Manchester suffered a major cyberattack that had dire consequences to numerous areas including their ties with the NHS.

The University of Manchester had fallen victim to a cyberattack when their systems were accessed by an unauthorized party and large amounts of data was compromised.

In our efforts to assist Jisc and other education facilities, we reached out to The University of Manchester Dean and Chancellor to provide demonstrable exposed and insecure Internet Assets and Servers. The response below from Patrick termed our offer to help as ‘scaremongering emails.’

It is evidently clear that The University of Manchester and Jisc DO NOT understand basic security of Internet Assets nor DNS records and servers, whilst the Federal Aviation Administration embraced and actioned our information and intelligence to prevent further chaos, even the prospect and potential loss of life

AJ_262624_3

The University of Manchester and Jisc clearly felt emasculated and took a ‘Fight, of Flight’ (pun intended) attitude preferring to cover up their incompetence and negligence.

Whilst the Federal Aviation Administration may have many areas to improve, they acknowledged their oversight and errors and undertook a program to address. Last year The University of Manchester were one of 347 schools and education facilities to suffer cyberattacks. The same exposures remain…

It is clear that The University of Manchester and Jisc have no interest in preventing a similar number of cyberattacks this year all the while they remain in denial, maintain exposed (JANET) servers (single point of failure) and ignore expertise. Cyberattacks are very good business for them.

Finally, as Jisc are a recent partner of the NCSC (part of GCHQ) in the ‘Share & Defend’ UK wide program which includes ‘PDNS,’ it does not bode well for not just the education sector, but the entire UK.

Maybe ‘Share & Defend’ means you Share, they move to Defend their position and negligence by any means possible. It seemingly DOES NOT mean Share & Defend National Security.

Interesting different reactions to basic security oversights and errors and information sharing. Hopefully it is little more than arrogance, egos, and ignorance and not anything more sinister…

Cybersec Innovation Partners
Information Commissioner’s Office
Serious Fraud Office (UK)
Metropolitan Police
NSPCC
BBC News
ITV News
CNBC

About Andy Jenkinson

Group CEO CIP. Fellow Cyber Theory Institute. Director Fintech & Cyber Security Alliance (FITCA) working with Governments. Recognised Expert in Internet Asset & DNS Vulnerabilities.

Andy Jenkinson is a senior and seasoned innovative Executive with over 30 years’ experience as a hands-on lateral thinking CEO, coach, and leader. A ‘big deal’ business accelerator, and inspirational, lateral thinker, Andy has crafted, created, and been responsible for delivering 100’s £ millions of projects within the Cyber, Technical, Risk and Compliance markets for some of the world’s largest, leading organisations. Andy has a demonstrable track record of largescale technical delivery and management within many sectors including the Professional, Managed, and Financial Services.

Leave a Reply

Your email address will not be published. Required fields are marked *