The biggest long term cyber threat of all to the UK does not come from hackers or state-sponsored attacks but the lack of diversity among mathematicians, coders, and others trying to defend the UK from attack, according to Ian Levy, technical director of the National Cyber Security Centre, NCSC.
Last week, at the Cheltenham Science Festival, in an event chaired by Roger Highfield, Science Director of the Science Museum, Levy highlighted the need for cyber defenders who think in different ways.
Levy took the packed audience through the current state of cyber security in the form of the National Cyber Security Strategy that highlighted that the NCSC took down almost 140,000 UK websites that were crafted to look like those of banks, government agencies and businesses last year alone.
This talk ranged from the activities of what he called ‘adequate pernicious toerags’ (also known as the ‘hacker in a hoodie’) to a state-run campaign by the GRU, the Russian military intelligence service, of indiscriminate and reckless cyber attacks targeting political institutions, businesses, media, and sport.
He also highlighted the details of attacks such as the global WannaCry ransomware attack of 2017, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency: Levy went on to show the simple coding error that led to the vulnerability that made it possible.
Levy encouraged the audience to use password managers so they could create more sophisticated passwords. He explained that the NCSC and Troy Hunt, creator of Have I Been Pwned, recently found that the most commonly used passwords in global cyber breaches were ‘12345’ (affecting 23.2 million accounts) and ‘qwerty’ (affecting 3.8 million accounts). He also looked to the future, and mentioned that the “‘Internet of Things’, which envisages everyday objects going online, can become the Internet of Tragedies if we get it wrong.”
But of all of his concerns, the number one worry was a stark lack of diversity on the cyber front line. In 2017, a Frost and Sullivan report estimated that for every woman working globally in cyber security, you will find nine men. Hence why the NCSC is finding the next generation of cyber defenders by appealing to a more diverse audience. To achieve this, they have introduced the CyberFirst programme that will help young people explore their passion for technology by introducing them to the world of cyber security.
Yesterday, 10 June 2019, the UK Government announced an investment of £18.5 million to boost diversity in AI-tech roles and innovation.
The forthcoming Science Museum exhibition, Top Secret, coincides with the 100th anniversary of GCHQ, who act as expert advisors on the exhibition. Jeremy Fleming, Director of GCHQ said when the exhibition was announced by HM, the Queen: ‘I hope that this unique collaboration with the Science Museum will encourage people of all ages and all parts of our society to think about the work we do and the role they could play in our future.’
Following its initial run in London, Top Secret will go to the Science and Industry Museum in Manchester, and then will be available to tour nationally and internationally.
The exhibition is supported by Principal Sponsors: Raytheon, Avast and DXC Technology, Major Sponsor: QinetiQ, Associate Funder: The Hintze Family Charitable Foundation, with additional support from Keith Thrower, and special thanks to Michael Spencer and NEX Group. The exhibition’s Media Partner is The Telegraph.
This was originally posted in support of our Top Secret: From Ciphers to Cyber Security exhibition that was open from 10 July 2019 – 23 February 2020.