MoD has yet to update relevant Internet WhoIs databases in respect of domains it sold in/around 2015
Dear Ministry of Defence
UK Ministry of Defence’s IPv4 address spaces sold in/since 2015
I should be grateful to know when the MoD will update the relevant Internet WhoIs database entries to show that it no longer owns the domains it sold in/around or since 2015. I ask this because
(a) second-hand IP addresses with a good reputation - like those of MoD Woodstock - in the wrong hands can and do enable criminal organisations to command and control servers, including (potentially) servers hosting government messaging services;
(b) it appears that the MoD's failure to update the WhoIs database entries with respect to the domains it has seems to be facilitating massive data security breaches every day, in real time, from government departments, presumably by unfriendly states and unfriendly powerful vested interests.
This - the MoD updating the relevant WhoIs database entries- needs to be done today. It is not difficult to update the WhoIs but - extraordinary to relate - this astonishing omission, the failure to do so, seems to have blown a huge hole in the data security of some government departments that handle sensitive data affecting national security every day.
The MoD's failure to update the WhoIs database entries immediately after it sold the domains seems to have resulted in breaches of the UK and EU data privacy laws (betraying citizens' rights to have kept confidential their data - and fraud reports - sent voluntarily to government departments).
Ministry of Defence
This matter has been taken to private e-mail (cf your letter 23 January 2018).
We work to defend the right to FOI for everyone
Help us protect your right to hold public authorities to account. Donate and support our work.Donate Now