A Freedom of Information request from staff at the UK offices of the Huffington Post has revealed, according to a BBC report on the story, that more than 300,000 attempts were made to access pornographic websites from the Houses of Parliament during the last 12 months. Of course, just looking at the headlines or even the figures quoted in the stories that follow them doesn't always reveal the bigger picture. Often, sadly, all you are left with is something of a blank canvas.
The original Huffington Post story reported how authorities had "acknowledged that users of the Parliamentary Network servers, including both MPs and their staff, have repeatedly attempted to access websites classed on Parliament's network as pornographic". It also went on to note that officials had explained the figures were 'inflated' by websites which automatically refreshed, and pop-ups and pop-unders, along with embedded images or video, could also increase the access attempt numbers greatly. Perhaps most confusing, and making the whole investigation somewhat pointless, was the fact that parliamentary officials refused to define what the servers classified as pornographic in the first place, and refused to do so on the good old get out of security grounds.
Philip Lieberman, CEO of security outfit Lieberman Software Corporation, reckons that the officials are right in that regard at least: pornography is a security issue. "Porn sites as bait, has been a long time vector of malware and those that seek to gain surreptitious access to systems" he says, continuing "Web filters would not be effective in stopping the threat as many such attacks occur in email that contains payloads marked as potential porn." Not forgetting, of course, that many legitimate non-porn sites may have a compromised section containing an infection that is also representing itself as pornographic. "As strange as it might sound" Lieberman concludes "conventional porn sites run by legitimate corporations will not normally contain infections and will not compromise national security."
Tim Erlin, director of risk and strategy for security firm Tripwire, agrees as attackers will always follow the best target. "People viewing pornography tend are already more likely to be careful" Erlin explains "and less likely to share what they’ve found than those viewing religious or political websites."
