Twitter, Blackbaud and Liam Fox… some thoughts on security and Lamplight

There have been some notable security incidents reported in the past week or two (though they happened a while back): apparently Russian hackers got into Liam Fox’s personal email and found confidential papers there; someone got into Twitter’s back-end systems and from there tweeted a scam from some very high profile accounts; and Blackbaud admitted to a partially successful ransomware attack that compromised some high profile charity donor data and resulted in Blackbaud paying off the attacker.

This has, understandably, led some of our customers to ask us again about our security practices. An overview of what we do can be found on our website.

Twitter, to their credit, are the only ones that have provided much information about what happened, and how. In common with many hacks now, it started with Twitter staff being tricked in some way. This kind of “spear phishing” attack – where key people are identified and individually targeted – is much harder to spot and defend against than some other “mass” attacks (e.g. password brute-forcing).

All of our team have had external training on Information Security, and on defending against this kind of attack in particular, and it’ll soon be time for this to be refreshed. Access to tools and systems by team members is strictly limited. We also have processes we use to protect against social engineering attacks that aim to get access to customer systems. If you’ve ever locked yourself out of your system you’ll know about these.

No-one can say “it’ll never happen”. We have tested procedures in place to handle any security events that compromise the availability, integrity or confidentiality of customer data. And we’ll respond in line with our values – we’ll be open about what happened, be prompt in responding, and tell you what we’re doing to resolve the situation.