Britain's National Cyber Security Center (NCSC) has secretly censored detailed public computer security security guidance provided to barristers, SOLICITORS and Legal Firms with Explan Announcement.
The guidance, a web page and a seven-page PDF Report Called “Cyber Security Tips for Barristers, Solicitors, and Legal Professionals”, was remrined from the centers and the centers' February.
NCSC Refused to Respond to Questions from Cw Asking If they Knew that the deleted web page and booklet Had automatically been archived by The National ArchivesMultiple Times, and So We WHE WERE STILL Online.
On the NCSC website, requests for the legal advice web page are now redirected to an incorrect page on the same site. The deleted booklet link returns a “404” http not found error page Stating “SORRY – The Page You're Looking for Isn’t Here”. Embarrassingly for NCSC, the not found error page then sugges that the National Archive Might Have Archived Versions of the Removed File. It does.
“Cyber Criminals are not fussy about who they attack”, the censored NCSC Booklet Had Warned, “Whoch means Law Practices of all sizes are at risk.” The Booklet Lists 37 Steps Lawyers and Legal Firms Should “
The booklet was published on 11 October 2024, Following a Special 2023 NSCS Cyber Threat Report for the UK Legal SectorThe Cyber Threat Report, Published with the Assistant of the Bar Council, Noted that by 2020 Three Quarters of Uk Legal Firms Had Reported Cyber-Attacks.
According to the Bar Council, “Barristers in England and Wales face threats, harassment, and intimidation at the hands of state and non-state actors from Around the World. The bar council is concerned by the rising reports from members who have found different forms of attack and threats against of their interactive legal work. “
Targeted Attacks Reported to the Bar Council Have included physical as well as cyber surveillance, cyber harassment incidence threatening or impersonating emails, reepeated and sustained hacking attempts, death threats, death threats, thoughts, thoughts, Family Members Via Email or Social Media, and 'Privilege Phishing' which attempts to seek to persuade those who are targeted to divulge sensitive information.
“These threats are not just an attack on the legal profession, they also have a chilling effect on access to justice and the rule of law,” it said.
'Political Censorship'
NCSC's Advice to Lawyers was removed one month after these grave warnings from the bar council's and on the weekend after apple hadle Had indicated it would refuse to comply with a uk a uk. Capability Notice ” The adp system causes the encryption keys for users' iCloud files to be stored only on devices, so improving security for legal data from outside attackers.
“This looks like Clumsy Home Office Political Censorship”, According to Cyberasecurity Expert Dr Ian Brown. “This kind of Politicisation by Gchq [which runs NCSC] is a hazard to security, if the risk of subordinating protective security to surveillance, “He said. Brown and other Security Experts Warned when NCSC was set up it should be run separately from gchq to avoid conflict and embarrassment.
Cambridge University Professor of Communications Systems John Crowcroft, Commenting on the Move Against Apple, Said “The UK Now is in a Weaker State of Protection. The attraction to the bad guys is increase here massively Above other countries… Our government has painted a target on us, and explicitly on all the “Us” that are not enched in health Commerce and discourse. ”
NCSC Drops References to Encryption
The uk weakened position now recommended by NCSC Now Fails to the Critical Need for End-to-Ed Encryption, Except for one islated and obscure document. The incorrect page that lawers are now linked to does not refer to encryption at all.
Ingtrast, and in the face of an onslaugt of suspended chinese LED Attacks Against Multiple High-Value Targets, The US Equivalent Cyber Defense Agency, CISA, Has recently stipulated That “highly targeted individuals [should] Immedited review and apply the best practices provided… Including consistent use of end-to-end encryption. ”
“Highly targeted individuals should assume that all communications Between Mobile devices – Including Government and Personal Devices –and Internet Services are at Risk of Internet or Manipulation,” Advice States.
NCSC Refused This Week to Answer Any Questions from Cw and Referred Enquiries to the Home Office, Who also refuse to respond. The Still Unanswred Questions Included Who Ordered The Takedown, Why, and Why Partner Legal Organizations were not notified or consulted in advance of the tampering. NCSC also refused to say wheether it would now seek to have government Archive Copies Eraced and Consigned to a “Memory Hole” – A Reference to Technique Adopted by the Ministry of TRURWELLLS 1984; Or whether they would put the censored pages back.
Until the secret takedown, the NCSC Booklet Included The Instruction to Lawyers to “Turn on Encryption”.
It advised, “Turn on the free encryption products including your windows or apple devices, so cyber attackers canless your sensitive data IF your device is laost or stolen. Make sure encryption is enabled on your mobile device (this is done automatically on modern android/apple devices) “.
For iOS devices, users were told to enable Advanced data protection for iCloudThis Advice Had Bank Impossible for UK users believe of apple's reaction to the home office notice. All the other cybersecurity guidance in the booklet remained valid
New Concerns Over National Security Notices
The Escalating Row Between Apple And the Home Office has also flushed out more Serious Concerns about the use of far-Reaching Powers to Impose Controls on Telecommunications Companies, by ISSUNAL Security notices ”.
The Vague terms of National Security Notices Require Telecommunications Operators
Parliament was LED to Believe That This Power Apply to Technical Facilites Such as Interception Arrangements. Multiple Industry sources Say that Since 2016, NSNS Have Been Used To Require Telecommunications Company Boards, Including Apple, To Delete Board Authority to Secrets Alld and Salact Internal National Security Committees, All of Whose Members and Staff, and Any Lawyers He Hire, Must Be Approved for Developed Vetting (DV) ChecksThe arrangement means that companies may be ordered to implement security breaches that directors and engineering staff do now know about.
Misuse of Developed Vetting
Notorously, after the 2016 Investigatorry Powers Act Came Into Effect, The Home Office and Intelligence Agencies Used The Developed Vetting Process to Block the newly appointed Investigator Powers Commissioner, Lord Justice Adrian Fulford, from Appointing The Commissions Choen Head of InvestigationsLecturer in Survelance Law Eric Kind.
Although initially approved by a vetting offices, Kind was told that dv security clearance had been rejected After the intervention of the security service, Mi5.
As reported earlier, Apple has now appeared against the adp instruction to the investment power Tribunal. All Eleven Members of the IPT are Senior Barristers who have serves as Judges.
After Checking, The Bar Council Told Computer Weekly that it is “was not notified of the takingown of this document by the NCSC. We will contact the NCSC and Make Enquiries about the status of the document and its removal. ”
A bar counsel speakesperson added that the council would consider linking to a National Archive Copy of the REMOVED Page and Document “After Speaking to our it is panel and raising it with the ncsc.”