Capita admits some pension data 'likely' to have been accessed in March breach

Capita is telling pension customers that some data contained within its systems was potentially accessed when criminals broke into the outsourcing giant's tech infrastructure earlier this year. The business admitted to a "cyber incident" – that nebulous phrase which downplays the significance of an attack – in March, when …

  1. Plest Silver badge
    Facepalm

    Private Eye named them perfectly!

    Once again Crapita prove that they're just a bunch of second-rate chancers run by bosses only interested in creaming in the profit of cushy, over-funded UK Gov projects. Come the glorious day citizens, Crapita's bosses will be first up against the wall!

    1. Little Mouse

      Re: Private Eye named them perfectly!

      "they're just a bunch of second-rate chancers"

      I disagree - They are very focused and good at what they do best, which is negotiate airtight contracts that guarantee a ridiculously good financial return for themselves, no matter how poorly they perform.

      1. Lee D Silver badge

        Re: Private Eye named them perfectly!

        Only "airtight" because some dumb head in politics who gets a back-hander knows that and signs them.

        Nobody with purchasing responsibility and a brain would ever sign those kind of contracts, unless it was basically a back-hander large enough to guarantee their future, that would also absolve them of all responsibility.

        Capita aren't some legal geniuses. The heads of organisations are basically being bribed into signing contracts that nobody in their right mind would ever sign, which tie in all their successors for decades in some cases.

        I think it should be illegal in government to sign a deal that lasts longer than the next election, and even if you did, the courts should throw it out anyway.

        1. cyberdemon Silver badge
          Holmes

          Re: Private Eye named them perfectly!

          That sort of thing used to be handled by the Civil Service. Some of those guys actually had a clue. But they have suffered purge after purge of whoever disagrees with the government of the day. Now all that's left are Yes Men who have less brains than the rubber stamp that they wield. So it's not surprising, really.

    2. ecofeco Silver badge

      Re: Private Eye named them perfectly!

      Word for word, you beat me to it.

    3. Kane
      Joke

      Re: Private Eye named them perfectly!

      "Come the glorious day citizens, Crapita's bosses will be first up against the wall!"

      The Hitchhiker's Guide to the Galaxy describes the Marketing Department CEOs of the Sirius Cybernetics Corporation Crapita as: "A bunch of mindless jerks who'll be the first against the wall when the revolution comes."

      Curiously, an edition of the Encyclopedia Galactica which fell through a rift in the time-space continuum from 1000 years in the future describes the Marketing Department CEOs of the Sirius Cybernetics Corporation Crapita as: "A bunch of mindless jerks who were the first against the wall when the revolution came."

      Only their complaints department survived the general economic implosion of the company as a whole.

  2. t245t Silver badge
    IT Angle

    Capita are very focused and good at what they do best

    > Are very focused and good at what they do best, which is negotiate airtight contracts

    And then outsource technical support to some budget data-center in India.

  3. Cav Bronze badge

    "The business admitted to a "cyber incident" – that nebulous phrase which downplays the significance of an attack"

    No, it isn't. Until fully explained and investigated, it's an incident.

    1. ecofeco Silver badge

      Calling a crime an incident IS the very definition of "downplaying".

  4. ComicalEngineer

    A little story from my youth (ok, about 10 years ago). My previous company (a SME) worked on numerous relatively small contracts for the UK MOD and based on our previous performance we were then asked to quote for a good chunk of work.

    We lost the bid, not on technical grounds, but because we were deemed too small to support the size of contract. A week later we were contracted by Crapita asking if we would undertake the work on their behalf (at a reduced rate doubtless so that they could make more of a profit).

    Turns out that Crapita had bid for a type of specialist work that they could not actually do in-house as they lacked the expertise and were desperately hunting for a competent sub-contractor. As we had picked up another contract we told them to get stuffed. I cannot comment on the quality of their work but have not come across them since doing similar tasks.

    1. Anonymous Coward

      Sounds about right.

      I am currently contracting for a larger outsourcer working on a thing which you really would've thought keeping the knowledge in-house would be important. It's not like I'd ever worked for the outsourcer before - I was recruited specifically for this role. So the org is paying the outsourcer who is paying the agency who are paying me. The fact that the likes of Crapita bid for stuff where they have no experience or knowledge is unsurprising. And depressing.

  5. R Soul Silver badge

    Capita?

    Who the fuck are Capita? They have a remarkably similar name to Crapita, who will probably sue them for trademark infringement.

  6. sitta_europea Silver badge

    "... Capita is working closely with specialist advisors and forensic experts ..."

    Why does an organization (for want of a better word) like Capita even need outside specialist advisors and forensic experts?

    If they're handling billion pound government contracts they should already have departments full of specialist advisors and forensic experts, and people should be coming to them for advice, not the other way around.

    1. R Soul Silver badge

      Why does an organization (for want of a better word) like Capita even need outside specialist advisors and forensic experts?

      In a word, profit.

      Crapita can buy in these skills from the likes of Bangalore for a tiny fraction of the cost of having those services in-house. Which itself would be a tiny fraction of the price paid by their customers/victims.

    2. FlamingDeath Silver badge

      Why pay for competent staff when you can just get GCHQ to unfuck your business at taxpayers' expense

  7. CowHorseFrog Silver badge

    Leadership needs to be given jail time for data breaches like this. If they can pay themselves bonuses they can also take the responsibility which means jail for a long time when this happens on their watch.

  8. Anonymous Coward

    Ya pays ya money

    Ya takes ya chances

  9. Cyrinic

    Absolutely bloody clueless...

    ...as to how they manage to run things so badly, how they keep getting contracts for things, how they've not been run out of town yet...

    Have they got nudes of someone in the government or something?

  10. Grunchy Silver badge

    Stupid

    In “where the red fern grows” is described a trap for catching a raccoon (without a hunting dog) so you can harvest the fur to train your dog so that you can hunt raccoons “fairly.”

    What you do is you climb up a tree and you bore a hole down partway into a branch. Then, you place a shiny metal disc into the hole, just small enough to fit. Then, you drive a nail into the branch, but angle it so the pointy end protrudes into the hole.

    The upshot is that the raccoon can reach into the hole, and he can grab the metal, but he won’t be able to pull it out past the nail. He can drop the metal and pull out his paw and escape if he needs, but he can never pull out the metal: he can only touch it, and grab it, but can never have it.

    In the book raccoons are dumb enough that they won’t let go of the metal, and you can blast them in between the eyes before they give up the sparkly treasure.

    I feel that data security specialists have never yet been smart enough to figure out a way to use a similar technique to reliably secure precious databases.

    There’s raging dumb out there, for some reason.

    (I’ll even spell it out, if anybody cares. You put your data into a “hole” that has only one public way to access it, which is through the opening, and you can see that all the data is in there, but there’s a nail blocking the opening and you can never get the whole data set out at once. The exact way this is done is a supremely trivial exercise which probably involves a completely isolated server and a single pipe out by just one query protocol that is accessible by one single device. I’ll even describe my own personal security measure, my entire household is serviced by the absolute cheapest, slowest connection commercially available, which is 5 Mbit download, 0.5 Mbit upload. You’d have to continuously saturate my upload bandwidth for several years before you can steal all my data. Security specialists: are you seriously so stupid, you cannot figure out this trivial issue?)

    1. Derezed
      Boffin

      Re: Stupid

      If you upgrade, might I suggest a T1 Line, that is if you can find an IP router compatible with your token ring LAN configuration.

      1. tip pc Silver badge

        Re: Stupid

        t1 is ~1.5 mbps

        e1 is ~2mbps

        token ring is 4mbs

  11. Mr Dogshit

    A spokesman said: "We take IT security and the risk of cyber attacks extremely seriously."

    https://www.bbc.co.uk/news/business-65443841

  12. Anonymous Coward

    "To be clear, this does not necessarily mean that your data has been identified as exfiltrated.."

    Translated: "To be clear we are absolutely certain your data has been exfiltrated, but we're not going to admit it"
