Published on March 30th, 2021 📆 | 8353 Views ⚑
0How to secure an F1 team in a pandemic
On Friday 13 March 2020, with hours to go before the first practice session of the 2020 Formula One season at Albert Park in Melbourne, Australia, and with the McLaren team having already withdrawn from the event following a positive Covid-19 test, the race organisers took the decision to cancel the event.
For many who had not been paying much attention to surging coronavirus infections in northern Italy, the postponement of the F1 season was probably one of the first indications that Covid-19 was about to become a life-altering event for everyone.
But while some F1 drivers, including Williams Racingâs George Russell, took to the internet to livestream their own virtual versions of the cancelled races, back at Williams HQ in Grove, Oxfordshire, team staffers and engineers were driving out of the front gate, the boots of their cars loaded with IT equipment, and the teamâs CIO, Graeme Hackland, was happy to let them go.
Why so? Continuity of IT leadership, and an effective, multi-year digital transformation plan that has introduced a more holistic approach to data protection, may have had something to do with it.
A seasoned F1 technologist, Hackland joined Williams back in 2014 and embarked on a three-pillared strategy â centring ease of mobility, ease of collaboration and ease of data access â all tied together with a protective layer of cyber security provided by the teamâs main partner, Acronis, in a longstanding relationship that began with backup protection and has expanded steadily over the years.
It is a relationship that has frequently been tested â as with any high-profile organisation, Williams is constantly on the receiving end of cyber attacks that threaten its intellectual property and confidential data, ranging from often sophisticated spear phishing attacks against senior staff, to full-blown ransomware attacks â Hackland has twice had to deal with these during his tenure.
Fully remote model
As part of the wider digital transformation, Hackland had already developed a model whereby about 70 team designers and engineers could work remotely, securely, fully supported, with their resource-hungry CAD programs, if they pleased.
The pandemic forced him to wind things up at pace to bring in a fully remote model, supporting 1,000 people, in the space of a few days.
âIt was actually a year ago today that we logged a risk on our risk register that we may have to send all staff to work from home,â says Hackland. âHow can we make this happen? We had a week, and by the following Tuesday or Wednesday we had upgraded our systems, we could have 1,000 people working from home, staff were driving out the gate with their chairs and their monitors.
âAt the time, we thought it would be for a month, a couple of months. And here we are a year later, and itâs still possible and still viable for people to be able to work from home securely.â
âIf we were having a conversation with a driver in the past, it would have been in a nice hotel in Oxford. But now weâre doing all that over videoâ
Graeme Hackland, Williams Racing
One of Hacklandâs immediate cyber security priorities during the toilet paper and Tiger King-fuelled days of the UKâs first national lockdown was the same as was faced by every CIO and CISO in the country â a then little-known video-conferencing app called Zoom whose developers had failed to plan for mass usage, and which was paying the price.
âA year ago, Zoom wasnât prepared for the growth it was about to experience â I donât think Microsoft [Teams] was either, actually,â says Hackland. âOne of the things we really relied on Acronis for was protecting those conversations.
âIf we were having a conversation with a driver in the past, it would have been in a nice hotel somewhere in Oxford. But now weâre doing all that over video, and we donât know if the device the person has got is secured, where they are, or what network they are on. We donât know if someone is listening to these conversations.
âIn the past, we always thought video conferencing doesnât happen very often, so itâs not a target and weâve got other areas we need to secure. But actually, securing these conversations became really important.â
New paradigm
The Acronis Cyber Protect service â an integrated platform providing backup, artificial intelligence (AI)-powered anti-malware and antivirus, and endpoint management that is specifically designed to help users eliminate complexity and manage and monitor workloads, data, applications and systems across their network â has also kept Williams working through a momentous event in its history in late 2020 â a transfer of ownership that brought to an end its status as the last family-run team on the F1 grid.
âWe had loads of people join us during the lockdown, who have not been able to come to site,â says Hackland. âOur new CEO is going to be on site for the first time in March.
âSome of them have had to use their personal computers to start working for us. In the past, we would never have allowed that because we were focused on the need to protect our endpoint.â
This is less of a problem today thanks to a relentless focus on both data protection and user training â human error being, of course, a significant contributory factor in the majority of successful targeted cyber attacks â and Williams sees such attacks often.
âWeâve had many partially successful phishing campaigns against us,â says Hackland. âWe had one where they registered Williams F1 dot com by putting two capital Is [in place of lower case Ls] in Williams, and it looks just like Williams. I canât blame our staff who saw those links, thought it was a Williams F1 SharePoint, and clicked on it.
âNow, I caught that attack as it was happening and stopped it, but if you get an email from a colleague inside your organisation or from a supplier that you work with all the time, youâre much more likely to trust them.
âSo we put a lot of effort into protecting the data so that when someone gets in, the data is secure, but weâre also trying to make it as hard as possible for someone to impersonate another user.â
In this new paradigm, says Hackland, it matters less who is accessing the data, what device they are accessing it on, or whether or not that device is itself secure or running on a secure network, because everything is connecting into a protected virtual machine (VM) in the Williams datacentre.
The entire approach now is predicated on the idea that data never leaves the Williams network, while the machine learning features within Cyber Protect establish a baseline of behaviour and personalise protection down to the individual user.
âWeâve had to switch our thinking to making sure we are protecting the data, so that if someone is on a device that isnât secure, that doesnât matter,â says Hackland. âThey are going to connect to a virtual machine that is protected, is in our datacentre and has layers of security around that, and if they see any odd behaviour or we see any odd behaviour, we would then be able to handle that straight away.
âWe have given all of our users the confidence to work from home and to create sensitive data remotely. Before Acronis, the burden of responsibility on backup would have been on the staff, but now this function is centralised and scheduled for them.â
Sell-by date
Understandably, the teamâs data is incredibly important to it, but this data has a limited shelf life â nobody is interested in the 2017 car, but performance data on next yearâs is incredibly valuable.
âOur most sensitive data is the 2022 car because thereâs a generational change, the rules are changing significantly and we all had restrictions on what work we could do on the 2022 car â just to make it fair what with all the teams being affected by Covid at different times,â says Hackland.
âWe have this sort period of time for the next generation of car, so the direction we take and the work we do in our wind tunnel, the challenges that we have around designing a completely new aerodynamic concept for 2022 is huge, and making sure our data doesnât go to other teams is really important.â
But there is another snag. He explains: âFrom my perspective, I have got to be really careful that other teamsâ IP doesnât come into my network â if another teamâs data gets into our car somehow, Iâm in big trouble and we could be thrown out of the championship.
âSo I am trying to protect us from our IP going out, which is a well-understood problem. I know what our data looks like and I can track it across the network onto an endpoint as itâs moved, and if anything happens to it, I have a pretty good idea where it is. But if other peopleâs data comes in, it just looks like mine, and thatâs a real challenge.â
Security blanket
This year, Hacklandâs relationship with Acronis continues, with the recent announcement of a renewal of the partnership between the two firms, extending areas of cooperation and driving further adoption of the Cyber Protect suite across the teamâs entire IT estate â which ultimately extends to 600 servers, 1,500 endpoints, 1,200 Microsoft Office 365 mailboxes and nearly half a petabyte of data.
And with the team hoping to stage a comeback this year after a run of poor form, easing the security burden on Williamsâ key personnel will, touch wood, help them keep focus on moving up the grid and taking the championship fight to their rivals.
Gloss