Fear of bugging prompts iPad ban in UK Cabinet meetings

Filed Under: Data loss, Featured, Law & order, Malware, Privacy, Security threats

Ipad. Image courtesy of Shutterstock and Flickr user InUse ConsultingiPads were plucked from users' hands at a UK Cabinet meeting last week, because of fears that they might be bugged by foreign intelligence agencies.

The Daily Mail on Sunday reported that the Ministers were using the devices for a presentation by Cabinet Office Minister Francis Maude and Mike Bracken, who's in charge of the Government Digital Service.

The talk was on the topic of saving the economy close to £2 billion ($3.19 billion) a year within the next four years.

Typically, the Cabinet isn't particularly generous about applause for presentations, the Daily Mail said, but this time, when the talk wrapped up, Ministers clapped.

That's when the government's security team pounced, the Mail reports, whisking all iPads out of the room to avoid careless talk reaching the wrong ears.

It doesn't stop there, The Telegraph subsequently reported.

Given the security force's fear that foreign intelligence agencies have developed the ability to turn mobile devices into eavesdropping bugs without their owners' knowledge, all tablet computers - which, one assumes, covers all manufacturers' gadgets, and not just Apple's - are now banned from Cabinet meetings.

The Telegraph's Matthew Holehouse writes that Ministers in sensitive government departments have also been given soundproof, lead-lined boxes that they're required to store their mobile phones in while having sensitive conversations.

The concern, he writes, is that

China, Russia, Iran and Pakistan have developed the ability to turn mobiles into microphones and turn them into transmitters even when they are turned off.

The news comes fast on the heels of reports last week from Italian newspapers (including La Stampa) that delegates to the G20 summit near St. Petersburg, Russia, received USB sticks and mobile phone chargers boobytrapped with Trojan horse malware.

The devices reportedly were able to secretly tap emails, text messages and telephone calls.

According to Corriere della Sera, when he got back to Brussels, the G2 European Council President, Herman Van Rompuy, sent the devices over to his security managers.

They in turn asked for help from the German secret service.

Their analysis resulted in a memo going out to member states indicating that the USB stick and power cables were "suitable for the illegal collection of data from computers and cell phones" and that member states should "take every possible precaution in case these items have been used and if not to entrust the security structures for further inspection."

Russia has denied the allegations.

What are the lessons here for businesses? Typically, most don't struggle with the fear of a nation turning their employees' devices into surveillance bugs.

But with or without the threat of foreign intelligence spying on your organisation, iPads, or any other tablet for that matter, are in many ways just smartphones in a bigger form.

That means they carry the same risks to a company's network security.

Such devices also usher in the bring-your-own-device migraine.

Practical tips in these surveillance-happy times

The traditional, centralised approach of configuration management, software, patching and security is often impossible, if not irrelevant, on such platforms, as Sophos's Ross McKerchar has described in his article about handling smartphones in the workplace.

That article has tons of good advice on handling device security, including segregating a user's personal iPad or other device so that they don't have direct, unrestricted connectivity to crucial servers unless absolutely necessary; having clear policies on passwords and jailbreaking; evaluating the risk profiles of platforms (Android vs. Apple); educating users; and more.

But wait, there's more!

Ross followed up with this article, which delves into what an attacker might do with the juicy tidbits on a stolen or lost device. This includes the social engineering stunts that can be pulled, given that the device would likely contain the owner's address, date of birth and information that could then help to answer account security questions.

Still worried about your mobile phone being a bug? Advice for the truly surveillance nervous: Before you read either article, lock your cellphone in your car trunk.

Don't read the articles out loud, and try to avoid moving your lips while you read.

Image of UK flag and ballot box courtesy of Shutterstock. Image of iPad by Flickr user InUse Consulting.

, , , , , , ,

You might like

5 Responses to Fear of bugging prompts iPad ban in UK Cabinet meetings

  1. softwareforparentalcontrol · 351 days ago

    What a silly knee-jerk reaction. If they want to put an end to eavesdropping and spying they'd better start with their own GCHQ.

  2. Spryte · 351 days ago

    "Don't read the articles out loud, and try to avoid moving your lips while you read."

    And do not forget your tin-foil hat when you start thinking about being bugged.

  3. Andrew · 351 days ago

    seems to me all spying on normal people should be forcibly stopped. The whole idea of this spying lark was to keep us safe from terrorists. but now the tables have been turned and our spying organisations are trying to entrap normal people just to screw them for their money, by way of making that person defend themselves in a court of law that costs an absolute fortune to defend no matter what the offence, it could be a simple as a non payment of a parking fine. Anything to keep the population down and controlled.

  4. Freida Gray · 351 days ago

    Could one more "take away " be to beware of the "freebies" you get at conferences?

  5. Randy · 347 days ago

    You can't stop spying. If somebody wants your data they will find a way to get it. Banishing iPads is not going to be the solution. Exploiting technology and developing electronic countermeasures is a work in progress. We have smart guys and they have smart guys and it's all a game of Chess to them. Sometimes you win and sometimes you lose.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.