Alistair Irons, cyber security expert at the University of Sunderland, says we need to train young people to tackle the threats of the future.
Cyber crime might not sound particularly exciting but it’s the fastest growing area of crime in the UK and internationally today. It’s impossible to get a handle on how much it costs the world economy every year because so much of it goes unreported and undetected. But what can be said with some certainty is that the bill goes in to the tens of billions.
Anyone can be a victim of this evolving menace. Individuals, business, nations: no one is immune. One of the biggest problems is that, as technology changes and expands rapidly, so do the threats – and we’re not keeping up. Alistair Irons, academic dean of computer science for the University of Sunderland, is trying to change that. The 54-year-old, originally from Stranraer, Scotland, has been working on tackling this issue on Wearside for ten years. He worked in digital forensics before transitioning to the academic study of cyber security.
Mr Irons said: “One of the biggest problems is getting people to pay attention to this issue. “There’s a perception out there that it is a victimless crime because no one is breaking into anyone’s house or hitting anyone over the head with a baseball bat. “But it’s not nice having your bank details stolen or private pictures taken from your phone.
“And people need to know that the proceeds from cyber crime are used to fund other sorts of crime. “This money is going into things like drug trafficking, people trafficking, terrorism. “And then there’s the issue of the dark web, where the distribution of child sex abuse images occurs. “This money funds an underground network of crime.” This is what cyber crime comes down to, as all crime usually does: money.
The police know this too. Detective Sergeant Martin Wilson, regional cyber protect co-ordinator for the north east, said: “Technology is a force for good and is changing the way we live our lives. “However, there are elements in our society who seek to take advantage of our growing use of the internet and exploit vulnerabilities’ in networks and end point users. “The motivations for cyber criminals are numerous and varied, but predominately it’s about making money, by holding data to ransom, and making extortion demands.”
Mr Irons ranks cyber crime threats on levels from one to five. Level five, the least serious, encompasses things like nuisance attacks – the teenage hacker on a laptop at home trying to steal UFO documents from the Pentagon. The top level, defined as “advanced persistent threats”, is where the worlds of cyber security and geopolitics meet and where nations are engaged in a shadowy war to sabotage one another’s infrastructure, elections and military systems. The government recently revealed that there were 188 serious attacks on the nation’s digital frameworks in the three months at the start of this year.
In between is serious organised crime, “hacktivism” (think Julian Assange and Edward Snowden) and insider corporate crime. The latter on that list is emerging as a major issue in the world of business – it is estimated that between 30 and 40 percent of money lost through crime across the economy now comes from cyber crime. What is more worrying than the range of threats out there is how ill-equipped we are as a society to tackle and resist them.
Mr Irons said: “The skills gap is quite frightening. There are tens of thousands of jobs in this sector that can’t be filled because the people with the right qualifications aren’t there. “What’s even more worrying is the demographic trap we’re walking in to: only six percent of people working in cyber security are under 30. “You maybe wouldn’t assume that but it’s a fact. “People who work in this area now were in loosely related jobs which kind of evolved in to cyber security, just like me. “We need to equip young people to face these problems head on.”
The University of Sunderland is aiming to position itself at the forefront of the fight against cyber crime. It is launching a masters course to train 25 people every year to combat the threats individuals, businesses and nation states face every day. On top of that, it is making security studies a key component of all computer courses for undergraduates. Mr Irons is a bit sceptical about the government’s approach to fixing this shortfall, although he acknowledges they’re trying and are starting to put the investment in. The private sector’s attitude, he says, is just as big of a problem.
He said: “Businesses who are commissioning computer systems don’t want to pay for security. “They all think ‘well, it’s never going to happen to me’. “Some places are taking it very seriously but I’d say that’s about 20% of them.” And there’s another problem: you. He said: “Cyber security comes right down to the person working on the reception desk. “You can’t have weak links in an organisation. “If someone is opening emails, they should understand cyber security.” As the threats evolve, so must the solutions – and so must we.
The University of Sunderland’s MSc Cyber Security programme starts in September 2017.
Author – SEAN SEDDON