NEWS Hackers are to be employed to test the effectiveness of the IT security defences for the House of Commons computer systems.
A three-year IT security contract is up for grabs to conduct internal and external penetration testing on routers, firewalls and critical servers using a range of independent vulnerability assessment techniques.
The winning contractor will need to have the CHECK government IT security accreditation and will be required to carry out the tests at least twice a year.
The House of Commons is also looking to buy an intrusion prevention system (IPS) - a combination of intrusion detection software and a firewall - to reduce the risk of denial of service attacks, virus outbreaks and Trojans.
The system will be positioned both at the network perimeter and on each desktop computer inspecting all traffic as it enters or leaves. This will help prevent encrypted attacks and protect the network internally from compromised machines.
Comments
There are 5 comments. Join the discussion
1. Zebidy
About time. Maybe someone has finally realised that hacking in its purest form is both an art and a science and not employing their talents (assuming they're not script kiddies) is actually a waste of resources.
2. anonymous
Are we about to witness a practical aproach with some positive feedback, when will the general public see any progress.
When will punitive measures be taken to erradicate damaging access to ALL computer systems both private and not only official data.
All users are frusrated with the problem being allowed to continue for so long. It may be regarded as a game for the hackers "do they" think or care of the consequences of their actions.
3. Mr Wolf
Does this indicate that there isn't a Government IT department responsible already for this area of security? That's pathetic. I'm in a department of 4 IT people for a charity, and we test ourselves regularly to make sure that we've got decent systems and defences in place. Sounds like someone thinks it's a good idea to hire wolves to look after the flock...
4. Harry Dhillon
This is absurd. There are a number of specialist testing consultancies in the UK who specialise in corporate and government testing - and not only security.
Allowing anyone to compromise public/government systems or the information contained within should be a very serious criminal offence. By way of hiring hackers we would be negating the law. IMHO, those who negate the law should be seen to be breaking the law.
If hiring hackers is acceptable by the government, we may as well openly hire bomb laden terrorists to 'test' security on the underground, airports, trains etc. Not an option? Nor should hacking be.
5. anonymous
The only absurd thing is the way the author of this article has interpreted the procurement notice. Parliament are not going to employ 'hackers' to do anything. Perhaps Mr McCue would be better suited writing for the Sunday Sport.