Published on 19 March 2018
As diplomatic tensions run high between the UK and Russia while the investigation continues into the Salisbury nerve agent attack on former double agent Sergei Skripal and his daughter Yulia, Professor Alastair Irons, Dean of Computer Science and cyber security expert, examines the threat of cyber war and what we can do to combat it.
“The political events of recent weeks with the expulsion of Russian diplomats from the UK, and UK diplomats from Russia, suggests that there may be a return to Cold War-style diplomacy.
“The threat of attack from nations outside the UK now includes the threat of cyber-attack – which taken to the extreme could be construed as a ‘cyber war’.
“The digital landscape has evolved exponentially in recent years with society’s dependency on the digital infrastructure increasing. As dependency increases then the impact of potential exploits on those vulnerabilities increases.
“There is a difference between the digital infrastructure and our critical national infrastructure, but increasingly there is a digital aspect to the critical national infrastructure (utilities, transport, commerce, defence) as well as the digital infrastructure for society’s day-to-day activities.
“Advanced Persistent Threats (APTs) are typically cyber attackers sponsored by nation states so have large financial backing, potentially powerful technical resource and an “army” of technical experts. APT attacks are targeted and organised with specific targets designed to disrupt and potentially disable the target’s infrastructure. In 2007 there were a series of cyber-attacks against Estonia, mainly distributed denial of service attacks (DDOS), allegedly from Russia. The attacks were so profound that they disabled the economic infrastructure of Estonia.
“Nation state cyber-attacks typically are medium to long term attacks, i.e. not an immediate impact, and seek to cause maximum disruption to the country under attack. The attack could be against the critical national infrastructure, but could also be against organisations – either against their ability to trade, their competitive economic advantage or against their intellectual property possibly eliminating years of research and development.
“In 2017 the UK released an updated cyber security strategy where the vision is that by 2021 “the UK is secure and resilient to cyber threats, prosperous and confident in the digital world”. The UK needs to defend against cyber-attacks, deter potential attackers and develop the cyber skills to realise the strategy.
“Education is a key aspect in creating a cyber secure UK and addressing the cyber skills gap. Education about cybersecurity can take place in a number of different areas – for the general public, as continued professional development for employees, for school pupils and for those in higher education. Highly specialised cyber security skills can be developed in undergraduate computer science programmes and in specific post graduate programmes, such as the MSc in Cybersecurity at Sunderland.”
Professor Alastair Irons has research interests in the field of digital forensics, cybercrime and cyber security, particularly on approaches to proactively reducing cybercrime; evaluating threat sharing protocols and procedures; and professional accreditation in digital forensics.
He is also interested in pedagogic research in computer science - focusing on problem-based learning but also assessment and feedback.
The University of Sunderland’s new MSc Cyber Security programme is equipping the next generation of cyber security experts with the skills to combat the increasing threat of online crime and cyber-crime incidents.
Cyber-crime is now a top priority for the UK Government with the opening of the National Cyber Security Centre (NCSC) last year, part of intelligence agency GCHQ, to identify threats to individuals and organisations.
In response to demand, Sunderland began recruiting students to its MSc Cyber Security programme from September 2017, drawing on its innovation, research and expertise in this area.
Cyber security is now also embedded into the University Undergraduate Computer Sciences Programmes. We are also launching a cyber security strand for our MBA programme.