Ethical hackers help boost businesses’ digital resilience
Computing students from Northumbria University will be testing just how well-prepared local businesses are for potential cyber-attacks by attempting to hack into their IT systems.
The students are part of a group of ‘ethical hackers’ – specially-trained to attempt to bypass online security systems in order to identify potential threats or weaknesses, which could be exploited by real-life malicious hackers.
All are undergraduates within Northumbria’s Department of Computer and Information Sciences and members of the University’s innovative Cyber Clinic – a weekly club funded by the Institute of Coding which runs ethical hacking training sessions for students.
Alongside their studies, the group of nine have now been employed as cyber security consultants for the newly launched North East Business Resilience Centre (NEBRC) – a non-profit organisation which supports and helps protect businesses across the North East from cyber-crimes.
The NEBRC is a partnership between Northumbria, Cleveland, Durham, Humberside and the North West and South Yorkshire police forces, together with Northumbria and Sheffield Hallam universities.
It brings together the latest information on cyber-crime legislation, criminal trends, threats and new technology, providing the best advice to safeguard businesses, their staff and customers.
The Northumbria University students will now be matched up with local businesses where they will spend time carrying out vulnerability assessments of businesses’ networks and web applications to identify any weaknesses in IT systems and computers.
They will then produce a report outlining the steps which need to be taken to protect the business from real-life attacks.
Dr Biju Issac is the programme leader for Northumbria’s Computer Networks and Cybersecurity BSc (Hons) and Computer and Digital Forensics BSc (Hons) degree courses and is leading Northumbria’s involvement in the NEBRC.
He said: “Unfortunately, instances of cybercrime are on the rise and many businesses, especially SMEs, may not have the knowledge to protect themselves from hackers and ransomware attacks.
“To be able to stop hackers we must understand how they work, which is why we teach our students ethical hacking – giving them the skills to identify potential gaps in a business’s IT security system.
“Northumbria University has developed a strong reputation in this area and so we’re delighted to be invited to become part of the new North East Business Resilience Centre.
“By combining our skills and expertise in cyber security with the insight and networks of our regional police forces we can help local businesses to protect themselves from cyber-attacks.”
The NEBRC partnership builds on Northumbria University’s national recognition as an Academic Centre of Excellence in Cyber Security Research by the National Cyber Security Centre and the Engineering and Physical Sciences Research Council.
It is also a founding member of the national Institute of Coding (IoC) – a national initiative supported by the government via a £20-million grant from the Office for Students. It includes over 35 education partners and more than 100 industry and outreach partners that are working together to respond to the UK’s digital skills gap.
The IoC funds Northumbria’s Cyber Clinic – a weekly club run by PhD student Neera Jeyamohan, who teaches ethical hacking skills.
The NEBRC launched in November last year and has two regional centres – one in Newcastle and another in Sheffield. Students from Sheffield Hallam University have also been appointed as cyber security consultants and will work with businesses in Yorkshire.
DI Martin Wilson is Head of Cyber Security and Innovation for the NEBRC in the North East. He said: “We are delighted to be working with our local universities, to reduce cybercrime.
“Often SMEs can’t afford cyber services and don’t know where to begin or who to trust. The creation of NEBRC helps us bridge this gap and, through the students, offer reduced cost, practical services which can make a huge difference.
“My experience tells me that a lot of cybercrime against business seeks to exploit basic weaknesses, often which the victim company isn’t even aware they have in the first place. Our team of student ethical hackers will be able to identify these weaknesses to the businesses concerned.”
As Dr Issac concludes: “We expect cyber-attacks to become even more prevalent in future with the introduction of super-fast ultra-fibre networks and in particular the rise in the use of Internet of Things (IoT) devices such as smart TVs which are connected to a home or business network but do not have the same level of protection against an attack.
“For businesses the main problem is protecting their customers’ data and that is usually what hackers target – stealing data and then threatening to release it unless the business pays a ransom.
“Under GDPR regulations businesses have 72 hours to declare a data breach or they have to pay a fine, so most will pay the hackers to avoid negative PR and a hefty penalty.
“Being able to protect themselves from such attacks could therefore save businesses large amounts of money, as well as protecting their reputation, which is often equally as valuable.”
Businesses interested in becoming involved in the NEBRC can visit nebrcentre.co.uk for more information.
This article has been cross-posted from the Northumbria University website. You can view the original post here.