News

Surveillance watchdog inspects GCHQ IT vendors’ security risks

Observatory commissioner is investigating about GCHQ IT contractors' security arrangements as the vendors have administrative level access to the live GCHQ computers containing UK population's highly sensitive records.

Government Communications Headquarters UK, in the line of fire!

Are you surprised!?

Wondering, how come a modern and progressed country like the UK is facing such significant problems regarding security measures?

Here is the reason why.

As per the reports: researchers are investigating the security measures for IT contractors who have access to GCHQ’s online computer systems — and have sensitive data about the population of the United Kingdom.

This particular news has created chaos among many people – leading them to think that government is not doing its job correctly to keep security threats at bay.

Surveillance watchdog inspects GCHQ
Without any adequate protection in place, the intelligence agencies of UK are sharing highly classified records about Britain’s population. Image Credit: Greenoid / Flickr

According to GCHQ, the UK regulator is investigating the possible security risks of highly confidential intelligence information.

What is GCHQ doing now?

Currently, almost 100 external IT contractors have the privilege to access the admin system and their highly confidential data.

GCHQ already condemned in court that the external software and hardware contractors have administrative rights over the computer systems.

And of course, all those GCHQ systems contain some of the most confidential data, collected in the context of electronic activity monitoring through internet and telephones.

However, the journalists think that the GCHQ has provided new evidence in the hearings of court.

And it turned out that hundreds of IT entrepreneurs had privileged access to the IT systems of the agency.

The IPCO statement regarding current scenario

The investigator (IPCO), the director of law enforcement agencies and international surveillance – told reporters that, he sincerely believes employers can abuse the highly sensitive intelligence information by accessing the intercepted databases.

IPCO representative stated,

“We recognize the importance of reviewing security standards for business owners who may have access to confidential information, especially given the recent leaks by entrepreneurs in other countries.”, and this will be the focal point of our inspection activities in 2018″

Privacy International, a non-governmental organization (NGO) and a group of British judicial campaigns secretly report that business persons have privileged access to computer information systems of GCHQ.

Again that undoubtedly is a great threat to confidential information and intelligence services.

News Updates:

  • On 26 Feb 2018 afternoon, the chief witness of GCHQ faced the lawyers of Privacy International.
  • GCHQ uses IT companies to test and support the computer systems and software that participate in the development. Therefore, the external sources (the vendors) know precisely how agencies work.
  • According to Gus Hussein, executive director of Confidentiality International and specialist in information security, “there are certain security risks.”
  • He also added, “given that, so many people have similar access, he would be surprised that someone does not misuse their authorities for selfish reasons,”

GCHQ goes around

The GCHQ took an astounding backward step when the IPT political representative presented written evidence in a three-day Privacy International meeting in October 2017.

An anonymous witness showed that IT contractors could have the rights of a system administrator at the design, assembly and test stages of the project.

But once these tasks get completed, the powers get delegated to the members of the organization again.

At the end of November 2017, after the hearing, the director presented a new certificate, which eliminated the original evidence.

Questioning by news agencies:

Citizens are feeling threatened by so much of access given by GCHQ to different companies!

  • A news agency, on behalf of the public, questioned the effectiveness of independent monitoring of GCHQ work with industrial partners, including software companies and universities.
  • One of the key partners is the University of Bristol, where researchers have access to all GCHQ datasets using Internet and phone calls, as well as the websites they visit.
  • The Deputy Director of Policy of GCHQ announced in a written statement from IPT in June 2017 that the GCHQ auditors “generally knew the use of this GCHQ industry.”
  • However, in a letter to the court in September 2017, the investigator confirmed that the exchange of personal data “with industrial partners” was not verified and that the registration of the missions was not carried out.
  • Before filing a PI complaint, the commissioners did not know that GCHQ was providing information data to its industry partners. Since then, the IPCO has ordered inspections.
  • The sudden denial of GCHQ based on its evidence provoked criticism from Privacy International.

The recent outbreak in the story of GCHQ IT has brought the concerns of various parties into the limelight – We certainly hope that this chapter ends well. Fingers crossed!

Midhat Zehra
the authorMidhat Zehra
Staff Writer
Midhat is a freelance content writer who has more than five years of quality work experience with professional people. Holding a master degree, she is focused on combining her passions for writing and online media to achieve greatness in life. Her hobbies include reading, writing, music, and movies.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.