According to security expert Chris Kubecka, informing the government of cybersecurity vulnerabilities should be simplified.
Security researchers have argued that they need to be listened to when they see suspicious software online and insecure domains, especially with public members being attentive to potential terrorism.
In a recent keynote speech at the Security BSides London conference Kubecka announced that it’s too difficult to contact public and private sectors to inform them safely if their systems are at risk.
“We need to be able to ‘If you see something, say something’ but how can I say something?” said Kubecka. “There’s literally no secure way that I can get this information to the National Cyber Security Centre.”
Kubecka showed a dark net website to Sky News called the International Criminal Market, which offers to sell ‘complete, whole country information.’
“This could be used by terrorists, but has most often been used by people traffickers. I found a seller who was able to compromise one of the UK passport offices overseas,” announced Kubecka.
“This contributed to the UK rolling back on issuing passports from overseas. They stole thousands of passport blanks, which are still in circulation. The price is only £1,200,” she added.
Kubecka noted that if vulnerabilities that lead to breaches are reported they could be prevented.
Written from source by Leah Alger
Source: Sky News