{"id":3838,"date":"2019-08-06T07:03:43","date_gmt":"2019-08-06T07:03:43","guid":{"rendered":"http:\/\/prototypes.transputec.net\/cynance-dev\/?p=3838"},"modified":"2020-11-01T16:17:58","modified_gmt":"2020-11-01T16:17:58","slug":"moving-targets-defense-defenders-race-condition","status":"publish","type":"post","link":"https:\/\/outofsite.biz\/cynance\/moving-targets-defense-defenders-race-condition\/","title":{"rendered":"Moving Targets Defense – Defenders’ Race Condition"},"content":{"rendered":"
[vc_row][vc_column][vc_column_text css=”.vc_custom_1604247457400{padding-bottom: 50px !important;}”]<\/p>\n
In computing, a race condition may occur when two or more threads access shared data and try to change it at the same time. Problems may arise when one thread runs a CHECK-THEN-ACT sequence while another thread changes the value between the first thread\u2019s CHECK and its ACT.<\/p>\n
BA\u2019s customer data breach was first disclosed in September 2018 when the airline revealed that hackers had breached its computer systems to steal data relating to about 380,000 customers from its mobile app and website.<\/p>\n
In October 2018, BA revealed that cybercriminals had stolen the credit card details of 185,000 more customers in what it described as a sophisticated, malicious criminal attack that took place over a three-month period. Apart from personal details, customers\u2019 email addresses, card numbers, expiry dates, and card verification value numbers were likely stolen, BA warned.<\/p>\n
To fall foul of the GDPR legislation, BA would have been found to have failed to take reasonable steps to protect its customers\u2019 data or failed to provide evidence to the ICO that it had done so. The reputational hit to BA may cost it even more than the massive fine, if customers start to lose trust that their data is secure with the company.
\nIt is not yet clear how the breach at BA occurred, but it is already clear that this was a catastrophic failure of internal security monitoring by BA. Not only were their systems breached, but they failed to notice this for three months or more.<\/p>\n
There are many routes into the systems of a massive, globally spread company like BA, most likely through the weakest link of its human operators. The corporate security perimeter will extend beyond their own staff to outsourced roles like ground handling agents in dozens of countries around the world.<\/p>\n
To get into a race condition, a disruptive approach to cybersecurity is required. While adding an additional horse to drive one\u2019s carriage faster away from adversaries can be a good temporary solution, switching the carriage to a racing car may be an idea worth considering.<\/p>\n
In recent years, concepts such as deception, trickery and decoys have been introduced to try to slow down and exhaust attackers. Implementing various \u2018honeypots\u2019 and distractions across the network may impede attackers and provide defenders with more time and opportunities to detect and respond to malicious activities. However, the core challenge of stopping hackers from penetrating an organisation from the outside is yet to be resolved.<\/p>\n