US Government departments have been coming under fire lately. A hacker managed to breach one of the Pentagon's email systems in June, leading officials to take up to 1,500 accounts offline. Seemingly by chance, the system did not contain classified information relating to military operations, according to a spokesman.
The same week, Scott Charbo, the chief information officer of the Department of Homeland Security, was being taken to task by Congress for suffering a reported 844 security incidents last year. These included workstations infected with Trojans, a compromised department website and classified emails being sent over unclassified networks.
One congressman said the infiltration of US government networks was one of the most critical issues confronting the country. A few weeks later, however, reporters for Associated Press managed to download sensitive US military and technical files by accessing anonymous FTP servers with no password protection or, in one case, with a password that was included in another file on the server.
All relatively common issues, albeit at a very high level. In the UK, we've already seen a targeted Trojan attack against government email addresses, and it's a fair bet that attacks similar to those described in the US Congress are ongoing against UK networks.
The Information Commissioner's annual report lambasted some large organisations' attitude to secure storage and disposal of personal information, which has led to more calls for EU-wide breach notification legislation, citing US disclosure law SB 1386 as an example to follow.
The message seems to be, once again, that the US is ahead. But this time it's in terms of experience rather than technology. If UK leaders - both government and business - were to realise that work needs to begin immediately to avoid similar problems down the road, we might actually have learned something from our "special relationship" partner.