It has been reported that an MP and House of Lords peer travelled to Syria earlier this month and inexplicably, decided to live tweet their location.

Lloyd Russell-Moyle and Maurice Glasman informed no one of the trip.

According to the Guido Fawkes blog, order-order.com here, the news that the pair were in Syria ‘sparked panic across the two departments’, with officials ‘furious that the lives of British armed forces would be put at risk’ if they had to be sent in should something go wrong.

In the article, the government are quoted as responding:

This was an utterly reckless act that could have led to our armed forces being put in danger had they been kidnapped. It is mind-numbingly stupid given the political climate and could have severe consequences in terms of ongoing court cases over here.”

Read more about this here.

This is perhaps the worst example of what appears to be a severe lack of information security on display by many in Parliament. Earlier in the year, we reported that Member of Parliament Nadine Dorries sparked widespread concern after claiming it was common practice for MPs to share computer log-in details with staff and interns.

This is an incredibly irresponsible example of poor cyber security, information security awareness and overall lack of accountability this generates. One of the most basic security mistakes out there is sharing account credentials. It should also be noted, this is one of the MPs who is trying to ban or limit encryption.

Parliamentary ICT (PICT) Security Policy specifically states on the matter:

Additional sections repeatedly make clear that passwords must not be shared.


Jim Killock, of the Open Rights campaign group, said:

“On the face of it, Nadine Dorries is admitting to breaching basic data protection laws, making sure her constituents’ emails and correspondence is kept confidential and secure. She should not be sharing her log-in with interns.

“More worryingly, it appears this practice of MPs sharing their log-ins may be rather widespread. If so, we need to know.”

The Information Commissioners Office said:

“We’re aware of reports that MPs share logins and passwords and are making enquiries of the relevant parliamentary authorities. In the meantime, we would remind MPs and others of their obligations under the Data Protection Act to keep personal data secure.”

Raj Samani, chief scientist at McAfee said in an interview with the Telegraph today:

“The news that MPs regularly share their passwords with members of their staff is an example of the dangers caused by the mentality that ‘it won’t happen to me’, or ‘it won’t happen to me again. In this case, the need for teams to easily and quickly access email, social media, or other information has clearly become more of a priority than securing data.

The House of Commons needs to take steps to ensure that MPs are appropriately educated on the dangers of sharing their passwords. It is clear that better cyber education policy is needed in government.”

It’s disturbing how careless MPs of all stripes are so careless about basic cyber security, especially as 2017 has seen cyber attack wreak havoc with public sector systems such as the NHS.

George Allison
George Allison
George has a degree in Cyber Security from Glasgow Caledonian University and has a keen interest in naval and cyber security matters and has appeared on national radio and television to discuss current events. George is on Twitter at @geoallison
Twitter

RELATED ARTICLESMORE FROM AUTHOR

28 COMMENTS

  1. Hardly a massive issue is it? Kobani is deep in Kurdish territory, loads of US personell there as well, and from what I can read this outrage is by “two unnamed government sources” oh yeah that old chestnut.

    The guy who runs guido Fawkes used to be a bnp member didn’t he?

    • Morning SoleSurvivor
      The MP is doing no one but himself any favours.
      As far as I am aware Paul Staines was or has not been a member of the BNP, besides exactly what that has to do with what he is reporting is irrelevant. unless you are trying to somehow undermine his credibility by randomly associating him/website with something.
      Outrage is a strong term, who and WTF may have been a more likely response from the FCO.
      Hope his passport gets stamped though ??

      • Morning Lee

        I know he wasn’t a member of the BNP, all he did was try make a pact with the BNP when he was leader of some conservative group. He said he shared a lot of the BNP’s objectives. Google it and have a look.

        The guido Fawkes blog is a borderline fake news blog, it’s been caught lying many, many times, are you telling me two government sources instead of going to the BBC’s or the telegraph etc, went to a blog? It’s bullshit.

          • It’s called a taste of ones own medicine, smear vs smear.

            You see it’s really easy to make stuff up on the internet.

            Just like his “two unnamed government sources”

            The MP in question has now said he did inform the relevant authorities before he went, see dad’s army’s post below.

            Although Paul staines did try set up a conservative-bnp joint organisation when he was at university. Now that is fact.

          • Liam you must be either new or you rarely read the comments section. If you think this is trolling, well, I hope your head doesn’t explode when you see one.

          • That’s not trolling that’s open honest robust debate and challenge, having different views is not trolling.

            Although telling someone you don’t agree with that they are a Troll is by its nature trolling.

        • Hi Sole survivor
          Agree with your 0945 blog but cannot reply to that.
          MP is a silly billy, but has his splash and has made his point.

          This, and lots of other things that are now being rattled around in the press is all part of the game being played. We have to work out the wheat from the chaff

  3. Where is the astonishment and outrage George?

    I’ve just looked on twitter and a total of 4 people have mentioned it including the guy who wrote it in the last 24 hours.

    The guy tweeted that he was in Syria 3 weeks ago for all to see, and now 2 “unnamed government sources” have bypassed the entire mainstream media and went to the guido Fawkes blog.

    And in tomorrow’s news pigs can fly.

    Don’t expect the mainstream media to run with this, the first and last time they used guido Fawkes as a source was the Corbyn spy claim.

    That culminated in Andrew Neil slamming it as fake news and skewering a Tory MP on the daily politics and another MP having to write a drooling apology on twitter.

    • Since these two are or have been in Syria, it isn’t fake news. The issue is: Was it wise? Should they have got advice and or personal security. News organisations do. I would have thought the number of journalists and photographers who have been killed in or around war zones would have been an argument for caution. It isn’t stupid to take personal security into account. But we have been here before: Norman Kember got himself kidnapped whilst on a self-declared ‘peace mission’ and had to be rescued by the S.A.S., a rescue he did not acknowledge anything like fully enough in some people’s eyes, nor sufficiently thank his rescuers in public. Why? Because Kember, in important and significant ways, went to show solidarity with the people who found him more useful as a tool. Which to some extent these two are. Tools. Pun intended.

  4. ‘I would suggest you find an alternative route, sir, there’s a bloody great hole in the road and it would be unwise to travel any further.’ ‘Hmmmmmmmmmmm?’ He said.

  5. There’s an update on order order, which really really doesn’t like Labour or the left:

    UPDATE: Statement from Russell-Moyle:

    “I did inform the FCO before I departed, informing them of our movements. I met with UK Ambassador in Iraq, the UK Consul-General in Erbil before & with him on the day we returned to debrief. We received security protection form Gov. of Kurdish Iraq and Northern Syrian Government.”

    I’m guessing that the two politicians slated are both Labour.

    I personally would prefer to get my news from the Beano.

    • Dads army wrote:
      UPDATE: Statement from Russell-Moyle:I met with UK Ambassador in Iraq,

      But Iraq isn’t Syria and did he inform him he was popping across in Syria?

  6. “these are the kinda guys who would be kneeling in the sand, hands tied together, with a Jihadi standing behind them about to saw off their head”

    “Shame it wasn’t his wife suffering from migraines, there might have been fewer mini labour voters in the family”

    A couple of the top rated comments underneath said article, if you can call it that. What a lovely bunch.

    Nice one uk defence journal, impartiality at its finest I see.

    • I bet you wouldn’t say that to the face of one of those fighters. Using an online forum to hide behind when you say horrible things is cowardly and not welcome here. If you were just trying to be funny, a generous spoonful of humour is needed because that comment was devoid of it.

      • That’s unpleasant, very unpleasant. I have no problem with a lively debate between left and right, the focus at home or be international brigades, but comments like that are impacting on the quality of commentary on this site.

  9. When I travelled to Hong Kong on holiday as a member of HMF I had to:
    1) Declare my visit as per standing orders of visit to China
    2) I had to visit my local Int and Squint for a briefing
    3) On my return I had to pop in again to be debriefed.

    When I visit Northern Ireland on Holiday I have to:
    1) Read up on the current threat on line
    2) Submit my application to HQ NI regards my visit with dates and where I will be staying

    So how can a so called British MP (who has to follow similar guidelines) come out with, I mentioned my trip in passing feel he did enough in which to cover his backside. Yes The North of Syria is safer than it used to be, but it is still an Out of bounds area which at the time of his visit was deemed to be the next target for the Turkish armed forces. Not only that, but he felt the need to pass comments in his capacity as a British MP against ….Turkey. Seeing as Priti Patel was forced to resign for visiting Israel, why hasn’t this bumbling idiot (And yes he is a dickhead) been reprimanded for not following the rules (Err saying you are popping over to OBO isn’t the same as carrying out the correct procedure) when he not only placed his own life at risk, the people around him, but any British serviceman from the Hereford Mafia who would have had to go in and save his lilly white backside if he been picked up and taken away by really peaceful people (well so the media keeps telling me) in which to visit Ali’s snack bar .

  10. Whatever the rights and wrongs regarding how the visit was organised and despite the political leanings of the MP and Peer concerned, which I do not share, I am please to see British politicians voicing support for the Kurds and calling out Turkey for what it is… an increasingly islamo-fascist state, which denies basic rights to its own citizens and recently launched an unprovoked attack on Afrin on the dubious pretence of self protection. The lack of concern expressed by the British government and NATO regarding the behaviour of the Tuks is incredibly disappointing. With freinds like Turkey, who needs enemies.

  11. I’m not finding any other credible sources for this, if it has not been reported by multiple channels of information with good primary sources then it’s just so much noise.

    Still the wider piece on IG governance is worth remembering, cultural issues around the sharing of passwords for easy is a mare and has a high risk that at some piont it will come along and bit a person, persons or organisation badly, seen it, investigated it, sat across the table thinking you poor idiot…….

LEAVE A REPLY

Please enter your comment!
Please enter your name here