V silly statement from HMG on the Sue Gray issue.
4 problems with it:
1. The properly constituted Acoba process said that Gov’t hadn’t provided any evidence of a breach of impartiality, even when asked
2. By contrast, HMG ‘investigation’ finds only a ‘prima facie’ case… 1/3
Not seeking to distract attention from the wider issues, but I just want to put on record a tribute to the outstanding service of
@CISAKrebs
.
He’s been the best partner an ally could hope for. People in 🇺🇸, 🇬🇧 and beyond are safer online because of his work and leadership.
“This is a matter for the Northern Ireland Executive”
NI Secretary
@BrandonLewis
says the UK government won’t interfere with the DUP’s decision to halt Irish Sea border checks.
💻 𝗟𝗜𝗩𝗘 𝟵𝗣𝗠
@itvpeston
#Peston
With Chipping Norton & parts of Witney falling to Labour from the Conservatives, quite a few of us in rural Oxfordshire are surprised to find ourselves living in the new Red Wall...
4. Successive Govts have a long-standing convention of not commenting on personnel matters.
That now becomes harder to sustain in future cases thanks to this precedent.
And for what benefit to either the Gov’t or the wider public interest?
3/3
There's a lot of incidental speculation about the cyber dimension of the Russia/Ukraine crisis. Much of it implies a degree of certainty about how it will play out.
Here's why I think it's impossible to have much certainty when it comes to Russia & the West 1/🧵
People can respectfully disagree on how the UK Gov't should respond to referendum demands from a pro-independence majority in the Scottish Parl.
But the party political composition of that majority is of zero constitutional significance, so shouldn't influence the decision.
…in other words, nothing is proved;
3. There is no publicly available account of the standing of this ‘investigation’, of what its processes were, or how the conclusions were reached (in marked contrast to ACOBA). No evidence of any kind is adduced to support its findings
2/3
A 🧵to pay tribute to my wonderful colleague Alison Whitney OBE, who sadly died last week.
Alison was one of the most influential & effective people in setting up the UK's National Cyber Security Centre
@NCSC
, the crowning achievement of 30+ years of public service
@gchq
1/15
“The position of the UK Gov’t is that there is no lawful, democratic path to Scottish independence for an unspecified number of decades”.
This will change Union from one based on consent to one that survives only by force of law.
Me in
@thetimesscot
1/6
Here's an interview I did with
@BenQuinn75
for
@guardian
on the UK Govt's approach to Northern Ireland, where I was born and grew up.
And here is a (long, sorry) thread on the UK & NI specific constitutional trends & tensions behind my thinking 1/20
Slightly stunned to find myself on
@POLITICOEurope
’s list of 28 most influential people in European tech, so many thanks to them &
@laurenscerulus
in particular.
Never been called a visionary, or made into a cartoon, before
Brilliant initiative from
@britishlibrary
👇
They've published a painfully honest paper about their cyber attack to be transparent & help others learn from what happened
Most importantly, they've issued a statement on not paying on behalf of 🇬🇧 gov 1/3
One of the great media clarifications of all time 👇
(It follows the ‘story’ that a military simulation has resulted in AI ‘killing’ a human operative who was preventing it from doing evil deeds)
Now that the Government’s “war on Whitehall” seems to be over 👇, a thread on this curious episode.
TL;DR Absolutely nothing has changed in the civil service, apart from the identities of a few very senior office holders (1/20)
Significant - congratulations (if that is the right word for a reappointment; given the last 12 months I guess it is) to Tom Scholar. The survivor of the s**t list and HMT leadership recognised
The Minister’s own desk would have been empty when he was leaving these notes.
Similarly, officials would have been in meetings, visiting other colleagues, out on visits too.
Hardly anyone in the civil service has a job that’s best done all day at the same desk
Congrats & best wishes to
@RishiSunak
.
From a security perspective, I am relieved there won't be an online vote at this very short notice.
We must realise that political parties are tiny organisations, akin to charities. They are not gov'ts. They're not geared up... 1/4
There's a fascinating bit in the PM's levelling up speech which isn't about him or his administration specifically.
Instead, its another illustration of the extraordinary centralised nature and attitude of the British state 1/7
Extraordinary: ransomware attack on American company disrupts 20% of Swedish food retail capacity, pharmacies, train ticket sales & they’re not even direct customers
Hugely hono(u)red to receive the Gold Foreign Partnership Medallion from
@NSAGov
, and to have it presented (with appropriate distancing) by the legendary
@RGB_Lights
before he heads back home to head
@NSACyber
Great to celebrate a great partnership with
@ncsc
@GCHQ
@USAinUK
Eventually, the British state will recognise that it’s wrong & wholly counterproductive to claim that tech companies are somehow willingly complicit in awful crimes against children, simply because those companies introduce standard security features that protect all users 1/2
@ruskin147
We can & should lament this huge loss to technology journalism but more importantly let’s salute RCJ’s monumental contribution to the public understanding of technology in this country
Recommended reading for anyone who could do with an uplifting contemporary example of someone showing the highest standards in public service under the most extraordinary pressure
@lawfareblog
@C_C_Krebs
Message from school to say daughter has been awarded a star because she got full marks in the cyber security quiz.
Valuable if increasingly rare evidence that she at least occasionally pays some attention to her father’s rambling outpourings
The Five Eyes is an intelligence sharing partnership.
It isn't a foreign policy alliance, & never has been.
It has never had any economic or trade functions.
It has no inter-governmental political mechanisms.
All of this could be changed in the future, but it hasn't yet.
Sleepily turned on
@BBCr4today
today to hear
@amolrajan
speculating about whether the new leader would be a theocratic religious headliner or a more reformist figure.
It took a while to work out he was talking about Iran rather than the DUP
What I struggle to understand about this very significant package of U.K. constitutional changes (all this👇plus FTPA repeal) is how it fits with the Government’s instructions to parts of the United Kingdom to forget about constitutional politics & focus on post-Covid recovery
To include:
- requirement for photo ID for voters
- stopping protests which may cause “serious disruption” (the Home Sec having power to define that term in regs)
- restricting courts’ power to scrutinise legality of govt acts (going beyond recommendations of Faulks review)
Massive honour to be asked by
@TheEconomist
to write a “By Invitation” piece about trends in cyber security.
TL/DR: unusually for this subject, I’m optimistic.
Things are getting a bit better, & we should remember this when it come to the AI panic 1/5
Cyber & the war. My thoughts in
@lawfareblog
on:
- unexpectedly low cyber activity so far;
- high ongoing risk of cyber harassment & disruption against Ukraine & the west;
- the limitations of cyber power;
- implications for Western cyber posture.
I'm on the trains and... Guess what? I'm at Paddington and it's chaos and no-one knows when anything will run westwards again. This country is falling to pieces so rapidly it's astonishing.
The UK Govt needs a Northern Ireland strategy.
It needs big figures in No10, like Jonathan Powell in the Blair days and others in the Major days, to talk (and listen) often to the NI parties and communities and to Dublin.
This is serious and not just about Brexit any more.
30 years ago this month I was accepted as a student at
@HertfordCollege
.
Since I returned to
@UniofOxford
with
@BlavatnikSchool
it's been lovely getting to know this great college again. So it's wonderful to be made a Senior Research Fellow.
Thank you!
Today, President Trump looks like doing more damage to the West, to the fabric of democracy, to the rule of law, and to the unity of free democracies than Xi Jingping could ever hope to in a lifetime.
❤️ to all our true 🇺🇸 friends. We’re with you and know this isn’t the real 🇺🇸
In this piece for
@prospect_uk
, I argue that, esp when it comes to ransomware, we need to rethink how we balance risk and response responsibilities between the private & public sectors now that hackers are increasingly causing social disruption 1/12
This brilliant observation from Lord Evans, then head of MI5, in 2012 should be read by everyone in cyber security in 2021 tempted by the “increasingly sophisticated and growing” threat perma-narrative
(H/T
@bricksilk
)
Lord Evans of Weardale has been a fine leader not just of
@PublicStandards
but of MI5. Just weeks before the London Olympics, he was bold enough to defy the usual securocrat “ever-growing threat” narrative with this brilliant observation.
Whatever else may or may not be happening, I’m beyond proud to have spent the day in Belfast receiving an honorary degree from
@QUBelfast
.
Thank you so much to the brilliant team at the university for a really special occasion & esp my friend, the brilliant
@david_crozier
1/3
I challenge you to find a better first ten words of a tweet about a political issue than:
“If you've been following the Northern Ireland gerbil price saga…” 👇
If you've been following the Northern Ireland gerbil price saga over the last few months you may be interested to know that the average price of a small caged mammal in NI fell to £13.75 in July. That's the first time they've been cheaper than GB since last September.
Not commenting on New Zealand policy, but this misunderstands what the Five Eyes is and isn't.
It IS an extremely effective intelligence sharing alliance run by securocrats.
It ISN'T - yet anyway - a policy alliance between the five Governments 1/3
The list of the benefits of Northern Ireland’s various special arrangements keeps growing: guaranteed EU citizenship for anyone who wants it; cheaper gerbils, & now security of milkshake supply
The narrative around Brexit among its adherents is becoming so much like that of western communists half a century ago: it’s the right system, it just hasn’t been implemented properly
Can't we just merge income tax and national insurance and be done with all this ****ing about?
(You can see why I had to leave the Treasury in order to make some career progress...)
A few days ago, in this speech,👇
@armyCGS
Sir Patrick Sanders said "you can't cyber your way up a river".
Obvious, yes. Flippant. Perhaps.
But in the context of recent strategic decisions on UK national security, it's enormously significant 🧵1/
When the history of our times are written & polarisation & the crisis of the West is covered, there’ll be a special mention of the time a leading US Senator & serious Presidential contender blamed mass murder on the number of doors in a school because he couldn’t face the reality
Cyber security is often boring.
A British court finding that a Dubai prince used Israeli spyware to hack a member of the Lords who is also a senior lawyer who was alerted to it by Cherie Blair who advises the Israeli firm…
…is not one of those times
‘Unitary unionism’ is becoming just another form of nationalism, argues Professor Michael Keating in another brilliantly written, thought-provoking blog for
@ConUnit_UCL
It’s very strange that this speech about ethics in Government from the head of the committee on standards of public life hasn’t received a lot more attention.
Lord Evans, a superb former head of MI5, is someone who chooses his words carefully.
So reflect on this quote...1/
Minor point on the NI protocol row: Mr Poots’s remark that his decision follows legal advice is meaningless.
The advice will say something like “reasonable case can be made”.
Consulting a lawyer before taking a decision does not automatically make the decision lawful.
As ever,
@LordRickettsP
is onto something important (last point👇).
The lack of grace and genuine conciliation from the victors is astounding and most unwise.
The only thing they’ve shown they care about uniting - successfully - is the Conservative Party.
In contrast...1/4
The leaver/remainer distinction is now meaningless. Most speakers accepted that the priority is to make the best of where we are now. But it was as if the two sides were speaking different languages. And the gov’t made absolutely no effort to strike a tone of reconciliation.
Whatever else about the
#Optus
breach, good on the Government of Australia and Minister O’Neil for stamping on the usual narrative that “this was a highly sophisticated attack blah blah”.
Properly understanding the way data breaches work is key to mitigating them in the future.
What happened at Optus wasn't a sophisticated attack.
We should not have a telecommunications provider in this country that has effectively left the window open for data of this nature to be stolen.
#abc730
Thanks to
@BBCNewsnight
for inviting me on to talk about the constitutional implications of the Scottish Parliamentary election, the (likely) clash between law and mandate & what it means for the Union
"Is it a union of consent or a union upheld by law? At the moment we don't have an answer for that."
Former Constitution Director at the Cabinet Office
@ciaranmartinoxf
tells
#Newsnight
the UK is heading for a conflict between mandate and law between Edinburgh and London
Truly an honor to introduce and welcome former President
@BillClinton
and former Prime Minister Tony Blair to
@CryptoBahamas
to cap off an incredible Day 3.
Congratulations to the wonderful Chris Inglis on his unanimous Committee approval as the first US National Cyber Director (noting that any other outcome would have been a bit crazy!). Hopefully full Senate approval follows soon. US allies benefit as well as US
Senate Committee unanimously supports nomination of Chris Inglis, Paladin Managing Director, as the nation’s first National Cyber Director. The nation wins big with Chris at the helm of all cyber. Congratulations.
Unionists need to decide whether they want to save the Union by convincing enough people to support & cherish it or by hardline legal tactics. It’s one or the other. This new ‘muscular’ unionism feels more like ‘know-your-place’ unionism 3/6
About to board plane to San Francisco for
#RSA
.
I don’t work for the government anymore, & this is the first business trip in my life where I haven’t brought a suit.
This is my act of rebellion/ mid life crisis…
The IR doesn’t really say UK could respond to cyber attacks with nukes. The position is coherent, not stupid.
But Govt caused these headlines with months of militaristic cyber language.
Please bin this ‘cyber rattling’ talk in the new cyber strategy
Struggling to think of any other civil servant in my 23 years there that had as much positive impact - at national & global level - in their specialist field as Dr Ian Levy has had in cyber security. Well done my friend, & great blog too
Ian Levy, technical director of
@NCSC
, announces his departure from government - and offers ten things he has learnt from twenty years at
@GCHQ
- ranging from quantum state superposition jokes to why cybersecurity never seems to learn from the past
Delayed by a pandemic, some erm, leadership disruption, and lately a snowstorm, this beautiful, treasured leaving present arrived today from my brilliant friends
@CISAgov
. Thanks to
@C_C_Krebs
,
@jmmanfra
,
@Travis55DC
and your teams for the best of partnerships. You did it right.
There is no such thing as an ‘interim’ or ‘acting’ PM. Whoever is appointed by HM assumes the full authority of the office. If they wish to say publicly they’ll quit when leadership contest is over, that’s up to them & the party. But they are fully PM for however long that takes
Great way to start the way in the US - coffee with the brilliant
@CISAJen
& some of her great team at
@CISAgov
HqQ in Arlington. Keep up the amazing work!
Disappointing to see the Gov’t again hide behind the tired, empty language of “we’ll respond aggressively to cyber incidents but we can’t tell you how because it’s all too secret” when answering MPs on China/Microsoft yesterday.
MPs on all sides were right to be sceptical 1/4
Trying to imagine Mrs Thatcher in 1990 signing off as PM with a speech including “thanks a bunch Harold, thanks a bunch Jim”.
(Text from
@JGForsyth
@thetimes
)
There must be, or at least should be, a German word for the activity of spending ages inventing a new technology & then going around loudly warning about how dangerous it is.
Suspect Conti are under pressure from someone - maybe the Russian government or other criminals. Ransomware works best for the criminals when private companies pay in secret. Attacking a state healthcare system in the full glare of publicity is not good ‘business’
This HSE story is incredible. Confirmed now that the hackers have unexpectedly gifted HSE a decryption key to help the health service recover. Irish government using it but having to convince the public it hasn’t paid Conti and has ‘no idea’ why they gave it away for free.
Really enjoyed contributing to this important cover story in
@TheEconomist
. So good to see
#cybersecurity
given this prominence.
The piece also reaffirms that nothing will ever beat Ian Levy’s “medieval witchcraft selling magic amulets” description of the problem 😄
The day HRH Duke of Edinburgh accompanied HM The Queen to open
@ncsc
.
Ian Levy showed us how a vacuum cleaner can be used for spying.
@TCHisTree
showed us an old wartime code book.
The Duke remembered those books, but not fondly!
RIP
Under pressure from the US after all the ransomware attacks last year, Russia has made some rather theatrical arrests of cyber criminals.
@C_C_Krebs
has called this 'ransomware diplomacy'...15/
Morning everyone. Just woke up from a really weird dream in which the Prime Minister had appointed the leader of the Democratic Unionist Party as some sort of unpaid envoy to Cameroon…
The lesson of 2020 is that noisily forcing out a small number of permanent secretaries pour encourager les autres, some hi-tech gimmicks, and one speech with no follow up, does not constitute a serious programme of civil service reform (20/20)