Yorkshire is waging a war on criminals who could wreak havoc on the UK s economy. Sometimes it pays to be slightly paranoid . In an age when crippling cyber-attacks can be launched from a teenager s bedroom, there is much to be said for creating a chain of distrust to protect yourself and your colleagues. A Yorkshire seminar about the rise of ransomware a type of malicious software designed to block access to a computer system until a ransom is paid heard that many firms still needed to take tougher action to vet files and data that could have been sent by criminals. Earlier this year, more than 300,000 computers in 150 countries were infected with the WannaCry ransomware virus after a cyber-attack crippled organisations, government agencies and global companies. The NHS was also badly affected . Some 47 trusts in England including a number in Yorkshire and 13 Scottish health boards were compromised when the virus targeted computers with outdated security.
This crisis provided food for thought when experts in the field of cybersecurity gathered at the Leeds head office of smart telecommunications business aql, whose CEO, Dr Adam Beaumont, is the regional business champion for CiSP, the Cyber Information Sharing Partnership. CisP is a national initiative operated by CERT, the Computer Emergency Response Team, which is part of the Cabinet office. One of the speakers, Thomas Chappelow, the director of Leeds-based Nimbox, a provider of cloud-based secure file collaboration and storage tools, said companies could make ransomware attacks pointless by securing data in a chain of distrust . He said companies should never take for granted where a file has been. Stuart Hyde, the regional leader for CiSP, who was appointed by aql, said there was every likelihood of further attacks, although not necessarily of the same type as the attack which hit the NHS. He said: It s a call out to say these types of attacks can occur and there are lots of things you can do to protect yourself.
Attacks do take place in Yorkshire and the Humber, but luckily we ve got quite a good level of skills to be able to tackle some of those. A number of Yorkshire firms are doing their bit to thwart cybercriminals of all sizes. The Leeds-based technical marketing agency SALT.agency has expanded its services into cybersecurity by releasing a CyberScanner service. CyberScanner is a tool designed by SALT.agency s in-house team which has the ability to scan and analyse websites to test thousands of security vulnerabilities. John Ward, director of operations at SALT.agency, said: Yorkshire is a diverse and forward-thinking region that s attracting some of the most talented people in the industry . It stands the chance of becoming a leader in cybersecurity.
However, he warned that many sizeable businesses were still being complacent about the issue. He said: There s always going to be some sort of hole in the net that will let in the sharks and of course, the bigger the net, the more damage there is going to be. He believes that many leading professionals are unaware of the risks of using unsecure wifi in public places. He recalled: A member of our team set out to simply capture all the wifi signals in a well-known coffee shop in Leeds, to see what we could discover . We found about 85 per cent of all the traffic that came from laptops was unprotected, so we could see exactly which websites they were visiting, and over 72 per cent of the mobile traffic was the same. Although the majority of people were looking at websites like the BBC and LadBible, two per cent contained sensitive information including websites, passwords and other personal information.
Although a number of people use VPN apps (virtual private networks) to communicate, there are still a surprising amount of people who don t. There might only be a handful of companies dedicated to cybersecurity throughout the region, but it s the damage prevention that will really help the economy grow . Cybercrime cost UK businesses 29bn last year and that s not acceptable . Businesses close and people lose their jobs because of preventable security flaws and mild negligence . Take those issues away and we re set for a bright future. David Wall, professor of criminology at Leeds University, believes that smaller SMEs sometimes lack computer security awareness.
He said: Nation-state attacks tend to be on infrastructure, like utilities and other services . Britain seems to be well equipped to counter such attacks, although you do not hear about many of these. Businesses and organisations can be attacked, but they do seem to have, or they are developing, business continuity plans . The recent WannaCry ransomware attack was a major wake-up call with regard to cyber-attacks in the region. Prof Wall believes Yorkshire has built up a critical mass of talented people who can send cybercriminals packing. He added: We have a history of developing experience in this area . Don t forget that we have had a number of major online banking and finance businesses in the region for many years, and the security experience from these has helped motivate others to think about cybersecurity. We have also had the two main universities in Leeds working on different aspects of cyber-security. It is now 20 years since Leeds University first started researching and teaching cyberlaw and cybercrimes, subjects that have remained popular ever since.
Leeds Beckett has recently developed a cybersecurity unit in its computing department and there is also expertise in Sheffield Hallam University. David Porter, the cybercrime investigator at Yorkshire & Humber Regional Cybercrime Team, added: The businesses I have interacted with across the region take cybersecurity seriously, and invest heavily in their systems, processes and people to safeguard personal data, business infrastructure and their clients. Recent events in the UK have tested organisations and businesses, but it s a testament to their approach to cybersecurity that there has been minimal impact in Yorkshire.
Yorkshire s businesses are increasingly exposed to cyber-attacks, accidental breaches, and an ever-changing regulatory environment, according to Thomas Chappelow of Nimbox, which specialises in protecting confidential data. Mr Chappelow said: According to the Government s 2017 Cyber Security Breaches Survey, just under half of all UK businesses admitted at least one cybersecurity breach or attack in the last 12 months . This number rises to two-thirds among medium-sized and large firms . In short, cyber-breaches affect most businesses. We are living in an age of big data , whether we re prepared for it or not . We re all collecting more and more data, without necessarily adapting our business systems and processes to protect.
We started our company in Yorkshire, because we saw an opportunity to tap into the huge pool of both qualified and aspiring and I dare say, underused cyber-professionals in the region . In Leeds, we have access to three university cybersecurity centres, filled with academics who produce valuable research into the issues we re all facing; a vibrant technology hub; and a specialist police unit that helps businesses to fight back against the tide of attacks.
We are giving up too many freedoms because of the threat posed by a tiny number of people says Joyce McMillan
Last week in Barcelona, it happened again . There was a terror attack, involving a van driven at speed into an unsuspecting crowd; 14 people died . Within 24 hours, the people of Barcelona were gathering on the streets, singing and chanting their defiance, saying that they were not – and are not – afraid; it s the same reaction to terrorism that we see in great multicultural cities across the world, from Paris and Berlin to London, Manchester and Boston . And as in all those other cities, people said that terrorism would not be allowed to change their way of life; they would party on without fear, and not permit themselves to be cowed by tiny groups of terrorists. Yet we must, when we go through the ritual of saying this, be increasingly conscious that in most countries of the west, what we say is not true . We have allowed ourselves to be changed by the threat of terrorism, since the horrifying attack on New York in 2001; and the very fabric of our cities is beginning to show it . Here in Edinburgh, this year – after the attacks in London and Manchester this spring – festival crowds are, for the first time, experiencing bag searches in many venues, the sight of tank-trap-like barriers on the High Street, and the occasional presence of armed police on the streets . Public buildings in London, and our own Scottish Parliament here in Edinburgh, are increasingly surrounded by ugly ranks of traffic bollards and blast-proof walls; and from time to time, major events are simply cancelled outright, as in Rotterdam this week, following explicit terrorist threats. And all this is to say nothing of the less visible but even more significant electronic surveillance state that we have allowed to grow up over the last 16 years, with millions of law-abiding citizens being put on watch-lists without evidence or redress, on suspicion of having once signed an online petition, or gone to a demonstration .
To call this process insidious is to understate the case; these days, anyone who dissents from the norms and systems of our evidently flawed society to the extent of actually doing something about it runs the risk of being categorised, in UK security terms, as a potential domestic insurgent . Yet there is, to put it bluntly, very little evidence that terrorism in the west represents a threat that justifies social, cultural and physical change on this scale . In the 16 years since 2001, well under a thousand people have died in terror attacks across Europe, fewer than a hundred a year, whereas 300 times as many die in road traffic accidents . And although the security establishment constantly tells us of the large number of terror attacks they prevent, thanks to tight surveillance rules, there is surely a limit to how much of such information any thinking citizen should be expected to take entirely on trust, given the huge vested financial interests involved in maintaining a heightened sense of threat. Add to all these factors the desperate plight of all public authorities in a risk-averse age, faced with the inevitability of legal action and huge penalties if they fail to implement recommended security measures and lives are lost as a result, and you have a situation where over-reaction to the threat of terrorism becomes almost inevitable . All the pressure is on the side of expensive and obvious security measures, and on the lavish demonstration that the authorities have made the safety of the public their absolute priority ; although in truth, if the safety of the public was an absolute priority , we would not only ban motor transport, but ensure that no-one ever got out of bed in the morning. In the real world, in other words, we make constant calculations of the benefits and risks of whatever action we undertake, even if only crossing the road to buy a coffee . In the wrong circumatances, motor vehicles kill; but we value the freedom they bring us so much that we tolerate an annual death toll on the scale of a 9/11 attack in Britain every year. Yet when it comes to our response to terrorism, those mechanisms for calculating risk and benefit seem to have entirely broken down .
The risk of continuing to live our lives without bag searches and street barriers and relentless online surveillance is deemed too great even to contemplate; whereas the unseen but huge benefits of living in a civil society – where security is not a major industry, where people enjoy privacy and freedom of movement without intrusion, and where our children are not constantly given the false, disempowering and reactionary impression that all public space is dangerous and all strangers a source of threat – are never weighed in the balance at all. It therefore seems to me obvious that we now need to call a halt to the the growth of terrorism-related security-state thinking, in the UK and elsewhere, and begin a much more mature conversation about the freedoms and decencies we are so willingly giving up in order to meet what is by any normal measure a small threat, posed by a tiny minority of citizens . For if the growth of such attitudes and systems is undesirable in itself, the reasons why we have been so tolerant of it are also deeply disturbing, and a serious capitulation – despite our fine words – to those who want to see a society undermined by division, hatred, and mutual mistrust between communities . At the Edinburgh Festival this year, there are not only barriers in the streets, and some cops carrying guns. There are also hundreds of very angry young performers, speaking in the voices of communities that feel excluded and demonised by an official and media culture that too often places the heavy hand of security above the civic peace, fairness and inclusion that really keeps us safe .
Those who sow the seeds of a security state, in other words, inevitably reap the whirlwind of anger from those they insult, harass and exclude; and it s now beyond time for those of us who truly care for long-term peace and harmony to call a halt to our ever more pervasive security culture, and to begin to questions its terms.
Published: 11:43 Thursday 24 August 2017
Security at Celtic Park is being increased as Scotland s major venues continue to take action as the terror threat level in the UK remains at severe . The move to step up security at the stadium comes less than 24 hours after it emerged that roads around Ibrox Stadium in Govan, home of Rangers FC, would be closed by police in reponse to the threat level1. A statement from police posted on Rangers website said: You will have noticed at recent matches at Ibrox Stadium that roads around the perimeter of the stadium have been closed prior to and at the conclusion of the match. Taking into account the current UK Threat Level and to ensure the safety of all spectators this new arrangement will continue until further notice.
The road closures will be lifted as soon as the Safety Officer and Match Commander are satisfied that the spectators are safely away from the stadium. Police Scotland is believed to be acting on the advice of counter-terrorism experts, with officers seeking to enhance safety and provide public reassurance at a number of locations. Chief superintendent Sharon Milton added: Measures – including those to deter vehicle attacks – will be in place at all Rangers and Celtic home games for the foreseeable future.
This is not unique to one specific geographical area or policing division, and considerations apply for events across Scotland. Additional safety measures have been brought in for roads around Bellahouston Park, where US rapper Eminem is due to perform this evening.