Britain’s top anti-terror cop today signalled MPs may have to put up with more intrusive security at Parliament to protect it in future. Scotland Yard s anti-terror chief Mark Rowley stressed that a review following the terror attack1 would probe whether a different tone or balance was needed for security at Westminster.
Our current arrangements have been developed with Parliament over many years and are designed to provide access to the seat of our Government balanced with security that is proportionate but not overly intrusive, he said.
As would be expected, my team will work with Parliamentary authorities to assess whether a different tone or a different balance is necessary. Police at the scene after the attack (Stefan Wermuth/Reuters)
He spoke out as calls grew for more armed officers to be deployed at key points around the estate.
Senior Tory MP Nigel Evans said: If the tragic death of Keith Palmer points us to any action that we need to take it is if we are going to have unarmed police officers on the frontline, we need to ensure that within inches of them there are armed police officers behind them. Forensic investigators at the scene of the attack (Jeremy Selwyn)
The attacker, Khalid Masood, 52, is understood to have been shot dead by two officers from Defence Secretary Sir Michael Fallon s personal protection team who were waiting for him in his official car as he went to vote in the Commons. This has raised concerns among MPs over the speed of response of other armed officers.
However, Ken Marsh, chairman of the London Police Federation, said: If these two were not there, there would still have been armed officers there in seconds. It emerged today that Masood burst through Parliament s main carriage gates while they were open for a car carrying Acting Met Commissioner Craig Mackey to leave the estate . Mr Mackey was driven off quickly.
Police officers have long complained the solid iron Victorian gates are too heavy to open and close constantly, despite modifications, for cars to come and go, which may explain why they were not shut instantly. Meanwhile, amateur footage captured the apparent confusion of the moments after the attack when Theresa May was walking through a Commons courtyard flanked by protection officers. After shouts of Get in the car , the Prime Minister began to walk one way before veering back to the nearest car .
A member of the security detail is heard shouting for his car keys, in the video published by the Sun. The security review will also inevitably focus on the vetting of the thousands of people with passes to access the parliamentary estate. More than 1,200 passes have been lost over the last seven years, including 280 belonging to MPs, which once reported are blocked from use.
Hundreds of people on social media backed calls by MP James Cleverly, who served in the army with Pc Palmer, for him to be post-humously honoured, with the George Medal or another award.
Meanwhile, former Culture Secretary and ex-London Minister Dame Tessa Jowell said: There should be a lasting memorial to those who died and to the emergency staff who, like PC Keith Palmer, showed such courage.
Your antivirus and network protection efforts may actually be undermining network security, a new paper and subsequent CERT advisory have warned. The issue comes with the use of HTTPS interception middleboxes and network monitoring products . They are extremely common and are used to check that nothing untoward is going on. However, the very method by which these devices skirt the encryption on network traffic through protocols like SSL, and more recently TLS, is opening up the network to man-in-the-middle attacks.
In the paper1 PDF, titled The Security Impact of HTTPS Interception, the researchers tested out a range of the most common TLS interception middleboxes and client-side interception software and found that the vast majority of them introduced security vulnerabilities.
“While for some older clients, proxies increased connection security, these improvements were modest compared to the vulnerabilities introduced: 97 per cent of Firefox, 32 per cent of e-commerce, and 54 per cent of Cloudflare connections that were intercepted became less secure,” it warns, adding: “A large number of these severely broken connections were due to network-based middleboxes rather than client-side security software: 62 per cent of middlebox connections were less secure and an astounding 58 per cent had severe vulnerabilities enabling later interception.”
Of the 12 middleboxes the researchers tested ranging from Checkpoint to Juniper to Sophos just one achieved an “A” grade . Five were given “F” fail grades meaning that they “introduce severe vulnerabilities” and the remaining six got “C” grades . In other words, if you have a middlebox on your network and it’s not the Blue Coat ProxySG 6642, pull it out now. Likewise, of the 20 client-side pieces of software from 12 companies, just two received an “A” grade: Avast’s AV 11 for Windows (not Mac), and Bullguard’s Internet Security 16 . Ten of the 20 received “F” grades; the remaining eight, “C” grades.
How does it happen?
TLS and SSL encrypt comms between a client and server over the internet by creating an identity chain using digital certificates . A trusted third party provides that certificate and it verifies that your connection is to a trusted server. In order to work, therefore, an interception device needs to issue its own trusted certificate to client devices or users would constantly see warnings that their connection was not secure. Browsers and other applications use this certificate to validate encrypted connections but that introduces two problems: first, it is not possible to verify a web server’s certificate; but second, and more importantly, the way that the inspection product communicates with the web server becomes invisible to the user.
In other words, the user can only be sure that their connection to the interception product is legit, but has no idea whether the rest of the communication to the web server, over the internet is secure or has been compromised. And, it turns out, many of those middleboxes and interception software suites do a poor job of security themselves . Many do not properly verify the certificate chain of the server before re-encrypting and forwarding client data . Some do a poor job forwarding certificate-chain verification errors, keeping users in the dark over a possible attack.
In other words: the effort to check that a security system is working undermines the very security it is supposed to be checking . Think of it as someone leaving your front door wide open while they check that the key fits. What’s the solution? According to CERT2, head to the website badssl.com3 to verify whether your inspection product is doing proper verification itself . And of course, check out the SSL paper and make sure you’re not running any of the products it flags as security fails on your network.
Working hours : Average 56 hours per week, 12 hours shifts day and night / days 07.00-19.00 and night 19.00-07.00 Address:
PHE 61 Colindale Avenue, London NW9 5HT
To provide high visibility security Static guarding at the properties/building and surrounding grounds. Principle Accountabilities:
Providing high visibility Static Guarding of the property/building and grounds Provide a visible deterrent regarding security issues on the property/building and grounds
Provide CCTV monitoring of the perimeter of the property/building and surrounding grounds To have Conflict Resolution training / experience Maintain accurate records and logs of incidents and site visit logs
Liaising with Police and other public bodies to ensure a coordinated approach and awareness of local issues Dealing with communications from telephone calls and radio users in a professional manner in accordance with operating procedures Exchanging all necessary information to colleagues during shift change
Develop and maintain relationships with all the clients departments Maintain accurate site contract administration files Be conversant with all statutory compliance processes and procedures
Ensure that all EMCOR policies, procedures and standards are in place and adhered too Maintain day-to-day contact with the customer s representatives and attend meetings as directed To carry out other reasonable administration requests for other departments as directed by the Engineering Services Manager and EFS Management Team
Security Industry Qualifications Front line SIA Licence for Security Officers Owner / driver with full driving licence A good Level of interpersonal and customer relationship skills
All applicants who are offered employment will be subject to a criminal record check (Disclosure) from the Criminal Records Bureau before the appointment is confirmed. This will include details of ALL cautions, reprimands or final warnings as well as convictions, whether spent or unspent . Criminal convictions will only be taken into account when they are relevant to the post.
An understanding of a basic Police and other Emergency Services procedures Knowledge of the phonetic alphabet CCTV Monitoring experience
Experience of hand-held radio use Future SIA licenses funded First aid certificate