Influence And Interference From Russian Twitter Accounts Following UK Terrorist Attacks
18th December 2017
The level of influence and interference by Russian-linked social media trying to engineer social division in the UK, including through Russian Twitter accounts, is considerably more extensive than has been reported to date.
A CREST report published today identifies the systematic use of fake social media accounts, linked to Russia, amplifying the public impacts of four terrorist attacks that took place in the UK in 2017.
The report was written by researchers at the Cardiff University Crime and Security Research Institute (CSRI). It was funded by CREST as part of our ‘Soft Facts and Digital Behavioural Influencing’ project, led by Professor Martin Innes, who directs the CSRI. You can read more about the project here.
Significantly, the project team found evidence of:
- Stimulation of cumulative extremism: social media platforms were being ‘weaponised’ on all sides of the political spectrum, for example amplifying both pro and anti far-right messages.
- Greater volume of accounts than previously thought: the project’s data show at least 47 active accounts.
- Targeting UK uncertainty: the accounts were active around all four UK terror attacks that the project looked at in 2017.
The evidence gathered by the team shows that at least 47 Russian twitter accounts were used to influence and interfere with public debate following the terror attacks at Westminster Bridge, Manchester Arena, London Bridge and Finsbury Park. Of these accounts, eight were especially active, posting at least 475 Twitter messages across the four attacks, which were reposted in excess of 153,000 times.
A significant aspect of these interference campaigns was the use of these accounts as ‘sock puppets’ – where interventions were made on both sides of polarised debates, amplifying their message and ramping up the level of discord and disagreement within public online debate.
Terrorist violence is fundamentally designed to ‘terrorise, mobilise and polarise’ its audiences. The evidence suggests a systematic strategic political communications campaign has been directed at the UK, designed to amplify the public harms of terrorist attacks.
The report is available to download for free from here.
New issue of CREST Security Review: Decision Making
24 October 2017
Every day we make thousands of decisions. Trivial decisions like what to have for breakfast and what to wear to work are decided rapidly without much thought. Decisions with more significant consequences take longer. For example, in critical incidents the complex decisions faced by the emergency services need to be made quickly and have little margin for error.
As Julie Gore and her colleagues show us in this issue, there is a rich history of research on decision making. We feature some of the latest examples, including decision-making processes in cyber security, decision making under stress and terrorist decision making. As always, this latest issue of CREST Security Review is available to download, read and share.
Inside this issue:
- Nikki Power looks at decision making during emergencies, and how the blue-light services work together.
- Drawing on research in the same field, Laurence Alison, Michael Humann and Sara Waring highlight the importance of communicating with victims and casualties.
- Emma Barrett and Nathan Smith give us some factors to help us assess a group’s decision-making capability under extreme stress.
- Simon Ruda shows us how small manipulations can change the decisions made by large numbers of people.
- Awais Rashid and Sylvain Frey investigate cyber security decision-making processes.
- Paul Gill explains the eight things we need to know about terrorist decision making.
- Jan-Willem Bullée looks at how we can be manipulated into making bad decisions.
- Julie Gore talks about the Naturalistic Decision Making community and the rich history of research on this topic.
- Renate Guerts shows us why professionals are needed to assess risks of violence.
Each issue of CREST Security Review also features articles outside of its special focus. In this issue we include research on spotting smugglers as well as what lessons we can take from Northern Ireland to help our understanding of engagement in violent extremism.
About CREST Security Review
CREST Security Review is a quarterly magazine produced by the Centre for Research and Evidence on Security Threats (CREST). It provides a gateway to the very best knowledge and expertise on understanding, mitigating and countering security threats, providing research-based answers to real-world problems.
Each issue includes articles focused on a particular topic; past issues include Information Elicitation, Cyber Security, Transmission, After Islamic State and Networking. You can read all the issues for free here.
Lancaster PhD student presents at 2017 Strategic Command Deterrence Symposium.
Security Lancaster and The Department of Politics, Philosophy and Religion funded Karena Kyne – a faculty-funded PHD student based in PPR- to attend the Strategic Command Deterrence Symposium in Omaha, Nebraska. Karena was selected to present alongside military personnel and fellow researchers by Mr. Howard Buffet, from Columbia University and the School of International and Public Affairs, who moderated the panel titled New Thinking on Deterrence.
Karena’s paper was called Impacts of the Accelerated Pace of Technological Change on Military Logistics where she spoke about the shifting ontologies of hybrid war and logistics.
She argued that the pace of technological change needs to be considered in order to support new ways of mobilizing innovative capabilities and insure flexibility in bureaucratic process and, importantly to make conceptual space for new methods of thinking through the ‘speed, scale and scope’ of modern war and its logistics.
The event closed with some words from General Hyten – Air Force General and Commander of United States Strategic Command who said “I love the Buffet panel … because each of them I probably disagree with more than any other group of people on stage …and the more I think about what you say and the more you challenge me to think about what I think, is unbelievably important.”
The panel took place in front of an audience of 650 from a range geographical locations and interdisciplinary backgrounds.
Watch the video of Karena’s panel here:
National recognition for Lancaster’s cyber security research
4 April 2017
Minister for the Cabinet Office, the Rt Hon. Ben Gummer MP has announced that Lancaster University has been recognised by the NCSC (part of GCHQ) and the Engineering and Physical Sciences Research Council as an Academic Centre of Excellence in Cyber Security Research.
Lancaster is the only recognised Academic Centre of Excellence in Cyber Security Research in North West England, and one of 14 across the whole of the UK.
Ben Gummer, Minister for the Cabinet Office & Paymaster General, said:
“This Government is determined to make the UK the safest place in the world to live, work and do business online.
“That is why we need truly ground-breaking research to stay one step ahead of the growing threat of cyber attacks.
“By engaging with business, industry and academia, we will ensure that we develop the skills and research we need to tackle this growing threat to the UK.”
Chris Ensor, Deputy Director for Cyber Security Skills and Growth at the NCSC, said:
“It’s fantastic to see so many leading universities committed to trailblazing improvements to the UK’s cyber security research, and it is particularly good to see Scotland represented for the first time.
“At the NCSC, we are absolutely committed to maintaining and improving our already strong reputation as a global leader in cutting-edge research, and look forward to collaborating with these establishments to make the UK the safest place to live and work online.
“These universities conduct world-class cyber security research and this initiative will improve the way academics, government and business work together – benefiting the whole of the country.”
This recognition is a renewal of previous recognition for Lancaster University’s work in the cyber security field by the national body.
Lancaster University’s cyber security research forms part of the work of the Security Lancaster Institute, which provides world-class research and training on issues relating to the safety and security of UK society.
The Institute’s work is inter-disciplinary and crucially puts the person at the heart of security decisions – taking into account human factors, as well as technology.
Professor Awais Rashid, Director of Security Lancaster, said: “Cyber crime is a large and growing threat to modern society. Whether it is theft of personal data, attacks against critical infrastructure or crimes such as online fraud and sharing of abuse images of children, cyber crime affects us all.
“This recognition demonstrates the importance and significance of the work undertaken here at Lancaster to protect the people and the economy of the UK.”
Lancaster experts work across a wide variety of sectors to help businesses, other organisations and individuals gain an understanding of cyber threats, how to counter them, embed cyber security practices and establish a cyber security culture to help support and protect the UK economy.
Recent Lancaster cyber security work as part of the international research project iCOP resulted in a new online tool designed to spot new child sexual abuse media online.
Other recent research has highlighted vulnerabilities in online passwords and in particular how easy it is for criminals to guess people’s passwords when they possess information on their targets.
Lancaster researchers have also worked with the NCSC to help develop their Industrial Control Systems lab.
In addition, Lancaster is at the forefront of helping the UK meet the skills gap in the cyber security industry. The university delivers an MSc in Cyber Security that is fully certified by Government. It is also leading a major international research project to create a ‘Body of Knowledge’ that will provide the foundations for future teaching and training in the field.
£7.1 million R&D boost for North West businesses
12 January 2017
Lancaster University is launching a £7.1 million low-carbon research and development programme to support small and medium sized enterprises (SMEs) in Lancashire, Cumbria, Cheshire and Liverpool. The award-winning Centre for Global Eco-Innovation, at Lancaster University, returns with more than 50 long-term projects involving three-year PhD, or one-year Master degree, high-calibre graduate researchers working full-time on projects bespoke to the needs of their host business.
Individual projects can be worth up to £100,000 in value & in addition, more than 80 short-term student dissertation or placement projects are also available with researchers working on a project for up to six months.
The projects on offer are part-funded by the European Regional Development Fund and therefore offer significant value to participating companies.
“On offer is £7.1 million worth of research opportunities for regional businesses, enabling them to develop their business and make the transition to a lower carbon economy,” said Dr Andy Pickard, manager of the Centre for Global Eco-Innovation.
“Small and medium sized businesses may have a low carbon research idea that will help to grow the company, but which they don’t have the capacity to undertake the work themselves. The Centre’s funded research projects give them the chance to pursue these opportunities, helping spark economic growth and job creation.” he added.
Researchers will be supervised jointly by leading academics from UK top-ten ranked Lancaster University and a representative from their host SME. Depending on the needs of the projects, graduate researchers could have expertise from a wide range of science and technology disciplines including engineering, environmental science, computing, chemistry and physics, or alternatively design or management skills.
“We already have projects proposed to look into a variety of subjects including new ways to deal with Japanese knotweed, innovative approaches to measuring air quality, insulation in buildings, rewetting of coastal land to store carbon, and energy generation from small-scale hydro installations,” said Dr Pickard.
The initiative provides access for SMEs to facilities at Lancaster University and also involves the Centre for Ecology & Hydrology and the Universities of Chester, Cumbria, Liverpool, and Liverpool John Moores.
The Centre for Global Eco-Innovation recently completed a similar three year programme with Liverpool University and Inventya, which created 308 jobs and generated 190 new products and services, winning a business Impact Award and a Green Gown Award for research and development.
Following an independent evaluation 89 per cent of participant businesses said they would recommend the programme to others and 75 per cent said they expect significant or very significant impact on their business performance, jobs and growth.
Technology company Demopad, which has offices at Lancaster University’s InfoLab21 and trades worldwide, participated in the first Centre for Global Eco-Innovation programme. The company worked with a graduate researcher as part of a three-year PhD. The research programme resulted in new hardware products that the company has been selling in the UK as well as exporting to overseas. This included the Centro 8, which acts as a connecting hub for a vast array of sophisticated high-end home entertainment systems. It is also able to automatically control heating and lighting in homes, helping to reduce energy use, bills and carbon consumption.
Mike Cain, director of Demopad, said: “As a business manager this investment through the Centre for Global Eco-Innovation has encouraged us to think we can now compete on a global scale and enabled us to bring benefits to all aspects of our business, way beyond the actual project focus.
“Our relationship with Lancaster University has been nothing short of transformational. It has given us the opportunity to have a virtually unlimited extension of our research and development resource.”
The Centre for Global Eco-Innovation is part-funded by around £4 million by the European Regional Development Fund. Lancaster University is contributing an additional £3 million to the programme.
Businesses with a clearly defined project already can register online in minutes at http://www.lancaster.ac.uk/engage/business. For more information or help scoping a project, email firstname.lastname@example.org and one of the Centre's team will be in touch.
More details are available by visiting http://www.globalecoinnovation.org/
Hybrid cyber defences could be answer to protect critical infrastructure
25 October 2016
Passive systems offer a low cost solution and are effective against simplistic threats. However, when deployed on their own, passive defences can be exploited by more determined and sophisticated attacks, producing a detection rate as low as 53 per cent in testbed environments.Active defence systems are more effective against sophisticated attacks, however their use is undesirable because they are costly, resource-intensive and risk overloading old hardware systems. These solutions involve directly interrogating the system’s controlling device for information.Research by Lancaster University’s Security Lancaster research centre has identified a hybrid approach to Intrusion Detection for ICS that provides the best of both worlds. The system, called ‘Selective Non-invasive Active Monitoring for ICS Intrusion Detection’ (SENAMI), is a new method of active monitoring that is used very selectively.
CREST Security Review highlights the best research from around the world
31 August 2016
The Centre for Research and Evidence on Security Threats (CREST) has just launched the publication entitled ‘CREST Security Review’ (CSR).
Articles translate academic jargon to ‘so what’ answers and illustrate how behavioural and social science can be used effectively in everyday scenarios.
Since its launch last year, CREST, which develops and uses economic and social science research to understand, mitigate and counter security threats, has established a growing international network of more than 80 researchers.
It has commissioned research in priority areas and begun to tackle some of the field’s most pressing questions.
The new magazine communicates research from CREST’s work and from other leading research centres and academics around the globe.
“There really is some impressive work going on,” says CREST Director Professor Paul Taylor. “Yet, all that effort is irrelevant if practitioners, policy-makers, and other stakeholders do not get to hear about it.
“CREST Security Review is one way we will keep stakeholders informed not only on what CREST is doing but also on the best research from around the world.”
Each issue will include articles on a particular focus.
The first issue addresses information elicitation including interrogation and interviewing and other contexts where people are encouraged to provide information. It will look at evidence-based techniques for detecting deception – from the polygraph to better questioning strategies; on the power of simple friendly questions in information elicitation; and on human memory.
Other articles examine why people are so trusting when online, reveal how our smart watches will soon know us better than ourselves and summarise the differences and similarities between Sunni and Shi’a Muslims.
- CREST Security Review is available from the CREST website.
- It is available free of charge, under a Creative Commons 4.0 BY-NC-SA licence.
- CREST encourages the sharing and use of its material – for more information on how please visit https://crestresearch.ac.uk/copyright/
CREST is funded by the UK’s security and intelligence agencies to identify and produce social science that enhances their understanding of security threats and capacity to counter them.
CREST also receives funding from its six founding partners (the universities of Bath, Birmingham, Cranfield, Lancaster, Portsmouth and West of England).
Its funding is administered by the Economic and Social Research Council, one of seven UK Research Councils, which direct taxpayers’ money towards academic research and training. The ESRC ensures the academic independence and rigour of CREST’s work.
For more information on CREST and its work visit its website at www.crestresearch.ac.uk and follow it on twitter @crest_research
Data mining of Twitter posts can help identify when people become sympathetic to groups like ISIS
25 June 2016
The research, which has been done in close collaboration between Lancaster University and the Open University, is explained in the paper ‘Mining pro-ISIS radicalisation signals from social media users’.
The research provides evidence that shows when users begin either sharing tweets from known pro-ISIS accounts, or using extremist language – such as anti-western or pro-ISIS statements – they quickly display a large change in the language they use, tweeting new words and terms, and indicating a clear shift in online behaviour.
Often before a user shows signals of having become radicalised they discuss topics such as politics, using words such as Syria, Israel and Egypt in a negative context and highly frequently. However, once they display signals of radicalisation their language changes to use religious words more frequently, such as Allah, Muslims and Quran, it was found.
Dr Matthew Rowe, Lecturer at Lancaster University’s School of Computing and Communications, said: “We found that social dynamics play a strong role where Twitter users are more likely to adopt pro-ISIS language from other users with whom they have a lot of shared connections.
“Prior to sharing or using radical content or language users go through a period where they display a significant increase in communicating with new users or adopting new terms. This clear change suggests that users are rejecting their prior behaviour and escalating their new behaviour until displaying radicalised signals.”
Researchers defined if a Twitter user was using pro-ISIS language by identifying a lexicon of pro-ISIS terms and seeing if they used these words more than five times. They also identified known pro-ISIS Twitter accounts, or accounts suspended for supporting ISIS, and used these to reference where a user shared incitement content from.
Analysis also shed light on the sentiment of each term within the context of Tweets. The word ISIS itself was discovered to be used in a negative and likely derogatory context by Twitter users. Researchers believe pro-ISIS users are more likely to use the term ‘Islamic State’.
However, the researchers recognise more work is needed to check the robustness of their data mining methods as only a relative small sample of 727 Twitter users of the 154,000 accounts analysed showed signs of pro-ISIS behaviour. Most of these displayed radical behaviour during the Summer of 2014 when there was significant media and social media attention given to the execution of ISIS hostages.
“There does appear to be an association between information, such as of executions, appearing in the public domain and the sharing of ISIS content or adopting pro-ISIS language,” said Dr Rowe.
The paper's authors are Dr Matthew Rowe, of Lancaster University’s School of Computing and Communications, and Dr Hassan Saif, of the Open University’s Knowledge Media Institute.
First awards announced by UK’s Centre for Research and Evidence on Security Threats
25 June 2016
The ten successful projects (subject to contract) were selected out of 136 applications following an independent selection process.
Speaking about the announcement the Director of CREST, Professor Paul Taylor, said: “We were delighted with the outstanding response to our call. Standing out against stiff competition, the successful projects promise innovation, rigour, and results that will make a difference to how we understand and counter security threats. I am looking forward to working with them.”
The successful projects are:
- Professor Laurence Alison at the University of Liverpool, ‘The Birkenhead Drill’: An Exploratory Study of Expertise and Inertia in Emergency Service Responses
- Dr Stephane Baele at the University of Exeter, How Does Isis’ Online Propaganda Demonstrate Mechanisms of Radicalisation? Assessing Cognitive Mechanisms of Radicalisation With A Quantitative Analysis Of Isis’ Online Propaganda
- Professor Nick Donnelly at the University of Southampton, Differences in the Ability to Spot Rare, Non-salient or Hidden Targets
- Professor Karen Douglas at the University of Kent, Why do people adopt conspiracy theories, how are they communicated, and what are their risks? Perspectives from psychology, information engineering, political science, and sociology
- Professor Neil Ferguson at Liverpool Hope University, Learning and unlearning terrorism: The transition from civilian life into paramilitarism and back again during the conflict and peace process in Northern Ireland
- Dr Paul Gill at UCL, Applying Criminological Paradigms to Terrorist Decision Making Regarding Security and Risk
- Professor Par Anders Granhag at the University of Gothenburg, Minimal Social Exclusion: A Means to Increased Information Gain in Human Intelligence Interviews?
- Dr Christopher McDowell at City University London, From the Diasporisation to the Transnationalisation of Exile Politics: Understanding When Extremism Gives Way to Moderate Politics – The Case of Sri Lanka, 1983-2016
- Dr Jasjit Singh at the University of Leeds, Ethno-national, religio-cultural or anti-Muslim? Investigating Sikh radicalisation in Britain
- Professor Paul Thomas at the University of Huddersfield and Professor Michele Grossman at Victoria University (Australia), Community Reporting Thresholds: Sharing information with authorities concerning violent extremist activity and involvement in foreign conflict: A UK Replication Study
For more information about the selection process and the successful projects please visit the CREST website at: https://crestresearch.ac.uk/news/commissioning-call-awards-announced
North West firms urged to tap into Lancaster's funded business-led R&D initiatives
29 April 2016
Companies are invited to submit a research idea or problem that they would like to overcome with the potential for graduate researchers, fully supervised and supported by Lancaster academics, to explore a problem extensively up to a three-year period.
Shorter-term funded projects, internships, product development, technology assessment and guidance, leadership development, consultancy, innovation workshops, and a wider range of other projects and facilities for SMEs are also available. Experienced business partnership staff will work to ensure businesses get the most appropriate support.
Dr Mark Rushforth, Head of Business Partnerships and Enterprise at Lancaster University’s Faculty of Science and Technology, said: “These Lancaster University initiatives offer North West businesses a real opportunity to scale-up their research and development capacity. As well as benefitting from the fresh thinking, talent and technical skills of Lancaster science and technology graduates, businesses can also tap into the expertise of our leading academics and cutting-edge facilities.”
Lancaster University facilities available for use by businesses through collaborative research projects include cyber-security laboratories, glasshouse spaces and controlled environment plant growth rooms, dilution refrigerators for some of the lowest temperature testing in the world, high-resolution mass spectroscopy, additive manufacturing facilities, new £4 million class 100 and class 1000 clean rooms and more than £7 million new chemistry facilities, including a dedicated building for industry access and a range of state of the art chemical and physical characterisation, analysis and synthesis equipment. .
There is a rolling call for three year projects from April to July 2016. The majority of longer term collaborative projects will start in October 2016. There will be a competitive process to select the projects with most potential for company growth. Businesses will be asked to contribute up to £5,500 per year towards the costs of their researcher.
Lancaster University, one of only four UK universities to achieve the Small Business Charter Gold Award, is ranked top ten for interactions with SMEs by Government and has more than £18 million of activity with business in Science and Technology disciplines alone.
Becky Gordon, Operations Manager for Business Partnershihps and Enterprise said "Companies that have a clearly defined project already can register online in minutes, and will be contacted by our business partnerships team. We would also like to hear from businesses that have an idea or challenge to talk through, or need us to help scope their project, or want to find out more about our other funded activities"
Businesses interested in applying for a Lancaster University funded research and development initiative can register online at www.lancaster.ac.uk/engage/business, visit www.lancaster.ac.uk/sci-tech/business/funded-research, or contact Becky Gordon,email@example.com, 01524 510188 / 07811 832770 for more information
New Lancaster University centre will research violence and society
14 March 2016
The Violence & Society UNESCO Centre is a coalition of researchers based in eight departments across three faculties at Lancaster University, linked to collaborators in other UK, European and international universities, policy-makers and service providers.
Distinguished Professor Sylvia Walby, from the University’s Sociology Department, who is Director of the Violence & Society UNESCO Centre and holder of the UNESCO Chair in Gender Research said: “The launch of this new research centre represents a very significant and exciting opportunity to bring together colleagues from across the University and external partners to collaborate on pushing forward this very important global research agenda on violence.”
The Centre launches on 15 March 2016 with a Public Lecture by Kristiina Kangaspunta, Chief of the United Nations Office of Drugs and Crime (UNODC) Trafficking in Persons Unit on ‘Trafficking in Human Beings: Large, Medium, Small - The Size of Human Trafficking’.
Trafficking in human beings – one of the topics the new Centre is researching, has been described as the second largest source of illegal profits in the world, victimising millions of people and generating billions of dollars. The challenge of producing accurate estimates of something that is hidden is immense. This lecture challenges current orthodoxies and considers the ways forward.
Professor Andrew Atherton, the Deputy Vice-Chancellor of Lancaster University, will chair the event, which will take place in the Management School Lecture Theatre 6 from 4.15pm to 6pm. All are welcome.
New analysis method makes increasing rate of violent crime visible
18 January 2016
They found the rate of domestic violence has been increasing since 2009. The rate of violence against women has also been increasing since 2009. But violent crime against men is still decreasing.
The rate of violent crime overall has started to increase since 2009, driven by the changes in domestic violent crime and in violent crime against women.
These findings contradict the official view that violent crime in England and Wales is continuing to fall.
This increase is concentrated among ‘high frequency’ victims - those who experience multiple attacks.
The research finds that domestic violent crime and violent crime against women have been increasing since 2009. Before this, these forms of violent crime had been falling since the mid-1990s. The change point, from decrease to increase, coincides with the start of the economic crisis.
The researchers compare trends based on the number of victims, capped crimes, and all reported crimes. This new analysis finds that ‘high frequency’ victims, rather than all victims, are key to the increasing rate of violent crime in England and Wales.
This new methodology rejects ‘capping’ and uses all reported crimes without increasing volatility. Official methods of estimating violent crime using this data cap the yearly number of violent crimes against any one individual at five, despite around 5% of respondents reporting a greater number than this. Capping is a widely used statistical technique designed to reduce year-to-year volatility when examining change over time, but this method can introduce significant bias.
The new method manages volatility through an alternative statistical technique of three year moving averages. This results in the same level of volatility but without introducing the bias caused by capping. The research analyses trends using segmented regression which allows the identification changepoints.
New “Internet of Things” research hub announced
6 January 2016
This interdisciplinary work will concentrate on a number of key areas, including the security considerations for connected devices in critical infrastructure and industrial environments, the creation and use of ‘big data’ for ‘smart’ highways maintenance and ‘e-Campus’ (the world’s largest research testbed for ambient displays), as well as developing new design techniques that will be used to create visions of what the future for the internet of things may be to enable as many people as possible to engage with shaping those futures.
Rachel Cooper, Professor of Design Management and Policy at Lancaster University, said: “The Internet of Things is shaping up to be the next big digital revolution with billions of objects becoming connected to the internet. These devices will produce unprecedented volumes of data as well as posing significant security challenges and the need for innovative design solutions".
“Working alongside colleagues within the Hub, Lancaster’s expertise will cut across these areas to provide solutions that will help ensure that the IoT brings about its much promised economic and societal benefits to the UK in a way that is safe, secure and robust.”
Ed Vaizey, Digital Economy Minister announced the Government funding for the Hub on 6 January 2016, he said: “UK universities are renowned for their creativity, and pioneering research and development. We want the UK to be a world leader in the adoption of Internet of Things technologies, and I know that bringing these universities together with partners from the UK's thriving tech industry will be instrumental in making this a reality.”
An additional £9.7 million comes from partners including SMEs, industry, NGOs, and public bodies. With just over £4 million of additional support from the participating institutions, the total investment in the PETRAS IoT Hub comes to £24 million over three years.
The Hub is a consortium of nine leading universities have come together as the PETRAS IoT Hub, led by UCL with Imperial College London, Lancaster University, University of Oxford, University of Warwick, Cardiff University, University of Edinburgh, University of Southampton, and University of Surrey.
Initial IoT work carried out by Lancaster experts as part of the Hub includes:
• Studying the security and safety risks posed by the introduction of IoT in industrial infrastructures.
• Developing novel cyber security driven architectures based on the philosophy ‘If it is not cyber secure, it is not safe’.
• Contributing expertise in data and trust within IoT systems for smarter highways maintenance and ambient environments.
• Developing new design techniques that will enable people to shape the future of the Internet of Things.
PETRAS IoT Hub Director Professor Jeremy Watson said: “We will maximize the economic and societal opportunities of the Internet of Things by removing barriers to adoption.”
“Working with business, public, and third sectors will enable the PETRAS IoT Hub members to investigate questions of safety, security, privacy and trust within real life settings.
“The UK has the potential to be the world’s most supportive environment for the development and deployment of a safe and secure Internet of Things. We will raise the bar using innovative collaborative and interdisciplinary research methods.”
Lancaster academics involved in the PETRAS IoT Hub include Professor Rachel Cooper, Professor Paul Coulton, Professor Awais Rashid and Professor Nigel Davies.
Professor Philip Nelson, EPSRC’s Chief Executive, said: “In the not too distant future almost all of our daily lives will be connected, in one way or another, to the digital world. Physical objects and devices will be able to interact with each other, ourselves, and the wider virtual world. But, before this can happen, there must be trust and confidence in how the Internet of Things works, its security and its resilience. By harnessing our world-leading research excellence this PETRAS research Hub will accelerate IoT technology innovation and bring benefit to society and business.”
WiFi signals can be exploited to detect attackers
21 December 2015
Although wireless transmissions can be encrypted to protect transmitted data, it is hard to determine if a device – such as a wirelessly connected security camera protecting critical buildings in airports or power stations – has been tampered with. An attacker may simply rotate a camera’s view away from the area it is guarding without triggering an alert.
Researchers at Lancaster University, in their study ‘Using Channel State Information for Tamper Detection in the Internet of Things’ have created a method that analyses WiFi signals at multiple receivers to detect physical attacks. A change in the pattern of wireless signals – known as Channel State Information (CSI) – picked up by the receivers can indicate a tamper situation. The algorithm detects attacks despite signal noise caused by natural changes to the environment such as people walking through the communication paths.
Dr Utz Roedig, Reader in Lancaster University’s School of Computing and Communications and one of the report’s authors, said: “A large number of Internet of Things systems are using WiFi and many of these require a high level of security. This technique gives us a new way to introduce an additional layer of defence into our communication systems. Given that we use these systems around critically important infrastructure this additional protection is vital.”
The paper was presented by lead author Ibrahim Ethem Bagci at the 31st Annual Computer Applications Conference (ACSAC) in Los Angeles on Wednesday, December 9.
Other contributors to the research include Ivan Martinovic from the University of Oxford and Matthias Schulz and Matthias Hollick from the Technische Universitat Darmstadt.
More information about Lancaster University’s School of Computing and Communications
National Centre for Research and Evidence on Security Threats Launch
1 October 2015
The founding partners will oversee programmes of activity that attract the best social scientists from the UK and abroad to partner with industry and government and break new ground in our understanding of and capacity to counter contemporary threats.
Launching today (October 1), the Centre was commissioned by and will be administered by the Economic and Social Research Council (ESRC) with a focus on conducting independent research and knowledge synthesis to inform approaches to countering contemporary security threats to individuals, communities and institutions.
The centre is funded for three years with £4.35 million from the UK security and intelligence agencies and a further £2.2m invested by the founding institutions.
Director of CREST Professor Paul Taylor, from Lancaster University, said: “Bringing together the UK’s top economic, behavioural and social scientists with partners in industry and government will provide unprecedented opportunities to develop our understanding of security threats and how best to mitigate them. Today’s threats are challenging and diverse. The ambitious and innovative activities of CREST over the coming years will meet these challenges."
As well as conducting world-class, independent research, the Centre will stimulate public and professional debate, connect disciplinary communities, inform security policy and practice, and provide training to research leaders of the future.
Lancaster University will lead the research programme on ideas, beliefs and values in social contexts, examining how extremist ideologies are transmitted and countered.
The other founding partners will lead programmes looking at actors and narratives, online behaviour, eliciting information, and protective security and risk assessment.
The project will initially fund 13 PhD students working across all five universities.
Lancaster University and Nettitude agree strategic cyber security research partnership
24 September 2015
Awais Rashid, Director of Security Lancaster, the University’s centre of excellence for cyber security research, said: “Lancaster University welcomes the opportunity to forge a close relationship with a dynamic high-growth strategic corporate partner in Nettitude.
“Nettitude has developed a strong reputation within the cyber security industry and our partnership will help to underpin our high-quality research and ensure that we are able to have a direct impact on ensuring businesses, and the UK economy, are protected from malicious attacks.”
Dr Jules Pagna Disso, Head of Research and Development from Nettitude, said: “It is very important for us to create partnerships with institutions such as Lancaster University, as they are attracting some of the brightest young minds to the discipline of cyber security. As an organisation, we recognise the importance of investing in research initiatives like this which will help to both make advancements in how we secure data and systems, as well as nurture new talent.”
Lancaster University has a long history of providing world-class research and training on issues relating to the safety and security of UK society. The University delivers a GCHQ-approved Masters degree in Cyber Security, and its Security Lancaster research centre has been awarded Centre of Excellence in Cyber Security Research by GCHQ and the EPSRC.
The partnership with Nettitude has already resulted in the creation of a joint project entitled ‘ICS/SCADA Risk Framework and Passive Network Appliance’. The project, which has been awarded funding by the UK’s innovation agency, Innovate UK, will involve the development of a framework and network based appliance that will provide end users within complex supply chains with the relevant knowledge and visibility of their key areas of risk. The creation of a common framework will provide consistency across the supply chain, helping organisations to identify the priorities and actions needed to ensure a robust security posture is maintained.
The project is expected to last 18 months and is due to begin in autumn 2015.
Could laptops torpedo navies of the future?
13 March 2015
Software obsolescence, increased automation of ship control systems, cloud computing, and the deception and bribery of key staff and crew through social media are just some of the emerging potential weaknesses that online criminals and agents could exploit.
The 'Cyber Operations in the Maritime Environment' report by academics at Lancaster University’s Security Lancaster – an Academic Centre of Excellence in Cyber Security Research – highlights that this heightened vulnerability will require navies and shipping companies to adopt new defensive measures to mitigate against cyber-attacks.
"In years gone by only those who had the capacity to build expensive ocean-going vessels had the ability to secure sea lanes and exploit the maritime landscape for profit," says Oliver Fitton of Security Lancaster and one of the report’s authors. "For the first time in maritime history the positive correlation between capital spent and power is undermined, cyber-attacks are low-cost alternatives to physical attacks, which have the ability to cripple maritime operations.
"The whole maritime industry must reassess its spending on long-term platforms (ships and other vessels).
"Ship builders especially must consider whether it is right to spend billions of pounds on platforms, and physical defensive systems, when they have the potential to be nullified by a single well-informed individual, thousands of miles away, with an internet connection and a few browser tabs open.
"Money may be better spent in cyber offence and defence. Another question that should be asked at the dawn of the age of cyber weaponry is – will you always need to be at sea to secure and exercise command in it?"
The report highlights how the ending of support for software such as Microsoft’s XP operating system – a user-friendly and robust system that could be adapted to a wide range of uses at sea – after 13 years means there will be no further official security updates. However, ships using the software are designed with much longer lifespans.
Due to short software lifespans like these, the report recommends that navies will have to 'fundamentally rethink' how they use technology on the commissioning of expensive vessels such as the Royal Navy’s new aircraft carriers that are currently under construction.
"It is impossible to imagine that these ships will maintain their effectiveness in 50 years' time if they continue to use their inaugural computer systems," says Mr Fitton. "Software will continue to have a dramatically shorter lifespan than hardware (ships). In the maritime environment hardware will continue to be designed and built to last for decades. Whereas software will only last until a vulnerability is developed to attack it, until the vendor (software company) decides not to support it or until the vendor goes out of business."
The report says the trend towards increased automation of shipping operating systems –enabling smaller crews, which reduces costs – also presents opportunities for malicious attackers.
"As the trend for greater automation continues new vectors of attack will be created," says Mr Fitton. "The trend to integrate technology makes sense when efficiency and economy are under consideration but not necessarily when security threats are taken into account."
The report predicts that off-the-shelf standard technology will become widespread – making it easily obtainable by criminals and leading to increased opportunities for attacks. Subcontractors maintaining these software systems could also be a potential threat vector.
As sea-faring vessels will be increasingly connected to the internet, another key vulnerability will be people on-board being targeted through their social media accounts and criminals or agents using methods such as social engineering, deception, identity theft, bribery and blackmail.
Mr Fitton said: "Friend and contact lists allow attackers to build up a picture of acquaintances, colleagues, friends and family members for use against the target maybe in the form of an identity theft attack or in the form of blackmail – which is especially effective when an individual is thousands of miles away from his or her loved ones. Each connection in a social network is a potential vector for social attack.
"For many years crews were isolated from the rest of the world while at sea but technology is changing that. Already US naval ships have their own wi-fi networks and private firms are attracting the best crew they can by offering comprehensive connectivity to employees.
"This means that new individuals who were once unreachable are now targets for remote attackers."
The report stresses the need for policies and procedures to be put in place to reduce the risk of employees coming under attack.
The 'Cyber Operations in the Maritime Environment' report was produced in response to an identification of a lack of understanding of the cyber threat within British Maritime Doctrine – the National Strategy for Maritime Security and commercial maritime operators. It was written by Mr Oliver Fitton, Dr Basil Germond, Dr Mark Lacey and Dr Daniel Prince.
More information about Security Lancaster is available by visiting Security Lancaster
Ethical hacking industry needs greater professional standards – report highlights
20 January 2015
William Knowles, from Lancaster University’s Security Lancaster, said: “Penetration testing has become widespread. Increased standardisation would serve to protect cyber security professionals by providing a level playing-field on which to compete.
“A lack of consumer clarity in a complex professional services market, coupled with increasing demand for companies to provide levels of security assurance in order to do business, leads to variable quality in the market place, which could put companies at risk.”
Currently, the inconsistent terminology and levels of service offered are holding back the industry, leading one security provider to describe the current situation as like a “Wild West.”
The report makes three recommendations for standardisation:
• Standardise terminology for different levels of testing – to enable clients to make more informed decisions and to compare like for like with providers. This would also help to offer the service to international markets.
• Guidelines for reporting structure and content – to offer clients greater consistency through the use of metrics and recommendations, as well as empowering clients to understand security threats facing their organisations.
• The creation of guidelines for auditors on using penetration test results as evidence within compliance assessments for security standards is also recommended.
The report’s authors interviewed 54 stakeholders including 32 penetration testing providers and their clients, as well as seven industry stakeholders, including technical bodies and government departments.
William Knowles said: “The threat of cyber attacks has led to an increase of simulated and controlled cyber security evaluations of IT infrastructures. Such evaluations are frequently referred to as penetration testing. However, in practice, the nomenclature encompasses a variety of other labels, including vulnerability assessments, IT health checks, ‘red team’ exercises, and ethical hacking.
“Both providers and clients were found to be dissatisfied by the lack of transparency and consistency in industry offerings. Given the importance and rapid growth of penetration testing, resolving these needs for best practice quickly would aid both providers and buyers.
“Standardisation of terminology would enable clients to compare like for like, and provide clarity and consistency, which would also aid the commoditisation of penetration testing, particularly when looking to international markets. It would also help to alleviate some of the frustrations revealed in the report, where providers see competitors offering vulnerability assessments badged as penetration tests.”
Dr Alistair Baron, of Security Lancaster and co-author, said: "Another concern highlighted during the interviews was the potential legal and ethical perils surrounding the use of social engineering as part of penetration testing exercises. This is an area that will be tackled in future research at Security Lancaster."
While pointing out existing issues within the industry, the report recognises the foundations laid by schemes such as CHECK, CREST and Tigerscheme.
Tim McGarr, Market Development Manager for ICT & Asset Management, Governance & Resilience at BSI, said: “Organisations are increasingly looking to the penetration testing industry to better understand and improve their cyber security. As this thought leadership report has shown, there are respected qualifications for individual penetration testers, but that there can be greater consistency of the service penetration testing firms provide.
“Greater standardisation in this area as identified in the report should allow customers to know they are getting a consistent comparable service. In addition, it will allow providers to better demonstrate and differentiate their capabilities. BSI will use the findings of the report to reach out to the stakeholders in the penetration testing market to determine the demand for new standards.”
BSI is currently in dialogue with various stakeholders in the penetration testing industry to take these standards recommendations forward. If you are interested in inputting to the approach please contact Tim.McGarr@bsigroup.com
To find out more about Security Lancaster and how it can help your organisation, seewww.lancaster.ac.uk/security-lancaster or contact Business Partnerships Manager and Associate Director for Security Lancaster, Dr Daniel Prince 07807 125 781 firstname.lastname@example.org
The full report can be viewed here.
BSI (British Standards Institution) is the business standards company that equips businesses with the necessary solutions to turn standards of best practice into habits of excellence. Formed in 1901, BSI was the world’s first National Standards Body and a founding member of the International Organization for Standardization (ISO). Over a century later it continues to facilitate business improvement across the globe by helping its clients drive performance, manage risk and grow sustainably through the adoption of international management systems standards, many of which BSI originated. Renowned for its marks of excellence including the consumer recognized BSI Kitemark™, BSI’s influence spans multiple sectors including aerospace, automotive, built environment, food, healthcare and ICT. With over 80,000 clients in 172 countries, BSI is an organization whose standards inspire excellence across the globe.
To learn more, please visit www.bsigroup.com
Researchers develop new form of lie-detector test
5 January 2015
Researchers in Britain and the Netherlands have made a breakthrough, developing a method with a success rate in tests of over 70% that could be in use in police stations around the world within a decade. Rather than relying on facial tics, talking too much or waving of arms – all seen as tell-tale signs of lying – the new method involves monitoring full-body motions to provide an indicator of signs of guilty feelings.
The polygraph is widely used in the US in criminal and other cases and for security clearance for the FBI and CIA, but is much less popular in Europe. There has been a lot of scepticism in the scientific and legal communities about its reliability. By contrast, the new method developed by the researchers has performed well in experiments.
The basic premise is that liars fidget more and so the use of an all-body motion suit – the kind used in films to create computer-generated characters – will pick this up. The suit contains 17 sensors that register movement up to 120 times per second in three dimensions for 23 joints. The findings are to be published at an international conference on system sciences opening at Kauai, Hawaii, on Monday.
One of the research team, Ross Anderson, professor of security engineering at Cambridge University, said: “Decades of deception research show that the interviewer will tell truth from lies only slightly better than random, about 55 out of 100.
“The polygraph has been around since the 1920s and by measuring physiological stress induced by anxiety you can get to 60. However, it can easily be abused as an interrogation prop and many people are anxious anyway facing a polygraph on which their job or liberty depends.”
He said the new method, by contrast, achieved a reliability rating of over 70% and he was confident they would be able to do better. In some tests, the team has already achieved more than 80%.
Anderson said: “The takeaway message is that guilty people fidget more and we can measure this robustly.”
Anderson added that the research had a special significance at this time, against the background of the US Senate report on torture by the CIA. Apart from the moral case against torture, Anderson pointed out that it was a very unreliable way of gathering accurate information. “We have known for a long time that torture does not work,” he said. The new method offers a pragmatic, scientifically backed alternative for conducting interviews.
The research paper was written by Dr Sophie van der Zee, of Cambridge University, Professor Ronald Poppe of Utrecht university, Professor Paul Taylor of Lancaster university, and Anderson.
The polygraph was created in 1921 by policeman John Larson, based on research by the psychologist William Marston, and records changes in pulse, blood pressure, sweating and breathing to ascertain whether a subject is lying. While cinema depictions suggest the device is near-infallible, the US supreme court ruled in 1998 that there was no consensus that the polygraph was reliable, a finding supported by the US National Academy of Scientists in 2003.
The experiment carried out by Anderson and his colleagues involved 180 students and employees at Lancaster University, of which half were told to tell the truth and half to lie. They were each paid £7.50 for their participation in the 70-minute experiment, involving two tests. Some were interviewed about a computer game ‘Never End’ that they played for seven minutes, while others lied about playing it having only been shown notes about it. The second test involved a lost wallet containing £5. Some were asked to bring the wallet to a lost-and-found box while others hid it and lied about it.
“Overall, we correctly classified 82.2% (truths: 88.9%, lies: 75.6%) of the interviewees as either being truthful or deceptive based on the combined movement in their individual limbs,” the report says.
Anderson said: “Our first attempt looked at the extent to which different body parts and body signals indicated deception. It turned out that liars wave their arms more, but again this is only at the 60% level that you can get from a conventional polygraph. The paydirt was when we considered total body motion. That turns out to tell truth from lies over 70% of the time, and we believe it can be improved still further by combining it with optimal questioning techniques.”
Another advantage is that the total body motion is relatively unaffected by cultural background, anxiety and cognitive load (how much you are thinking) that confound other lie-detection technologies, Anderson said. The use of all-body suits is expensive – they cost about £30,000 – and can be uncomfortable, and Anderson and his colleagues are now looking at low-cost alternatives. These include using motion-sensing technology from computer games, such as the Kinect devices developed by Microsoft for the Xbox console.
Anderson acknowledges that agencies such as the CIA could teach agents how to counter the full-body motion method by freezing their bodies but he said that in itself would be a giveaway.
Lancaster research to help business decision-makers protect against cyber attack
9 October 2014
The ‘MUMBA’ project is specifically focused on threats to ‘industrial control systems’, which manage key infrastructure such as manufacturing plants, power stations, electricity grids, and transport networks. These systems are increasingly connected to the internet, which makes them potentially more vulnerable to cyber-attack from those with hostile intent.
Professor Awais Rashid, lead scientist on MUMBA and director of Lancaster University’s Security Lancaster research centre, said: “This research is about understanding the cyber security risks at the intersection of people and technology. If you give people lots of technical metrics that they don’t understand you get poor decision-making.
“Risk decisions are made not only at board and management level but also by those working with industrial control systems on a day-to-day basis. Our project will produce a software tool that will allow professionals to more effectively understand and visualise risks to industrial control systems.”
The research project, which has received £393,867 funding by the Engineering and Physical Sciences Research Council (EPSRC), will also study the implications of particular security decisions in 20 - 30 years’ time given long operational life of such systems. This will provide information to ensure much needed future-proofing of critical connected infrastructure.
The project aims to become a cornerstone for future research into articulating and translating cyber risk into metrics that can be understood by leaders as business risks.
The project builds on and extends an already extensive programme of research at Lancaster on understanding and mitigating cyber risks to industrial control systems.
The Lancaster University research forms part of a wider £2.5million research programme that is led by Imperial College London and also includes Queen’s University of Belfast, the University of Birmingham, and City University London.
More information about Lancaster University’s Security Lancaster research centre can be found at www.security-centre.lancs.ac.uk.
Lancaster University Cyber Security course is certified by UK's national intelligence agency
7 August 2014
Announced by Francis Maude, Minister for the Cabinet Office, the certification reflects the agency's approval of the high standards and abilities with which Lancaster University is equipping its graduates as they help to plug the large skills gap in the ongoing battle against cyber criminals that are costing the economy billions.
Professor Awais Rashid, director of Security Lancaster, said: "Government recognises that robust cyber security is essential for the UK to prosper in the digital age.
"At the moment there is a significant skills gap with demand for talented people equipped with the necessary cyber security skills being outstripped by supply. Centres of excellence like Security Lancaster are working hard to help equip our students with those sought-after and increasingly important skills to help meet the cyber security needs of business, industry and the society-at-large.
"We are happy our Masters in Cyber Security has received this certification as part of a rigorous national assessment and we are sure this measure will also help employers to identify the best graduates with the necessary skills."
The GCHQ certification reflects the aims of the National Cyber Security Programme, UK Government and its delivery partners, to increase the UK's academic capability in all fields of cyber security.
Lancaster University's Security Lancaster is an EPSRC-GCHQ Academic Centre of Excellence in Cyber Security Research. GCHQ, which has identified establishing a network of cyber security centres of excellence as a strategic priority, has indicated that delivering certified Masters qualifications is likely to be a prerequisite for future centre of excellence status in cyber security education for universities.
Francis Maude, Minister for the Cabinet Office, said: "Cyber security is a crucial part of this government's long term plan for the British economy. We want to make the UK one of the safest places in the world to do business online. Through the excellent work of GCHQ, in partnership with other government departments, the private sector and academia, we are able to counter threats and ensure together we are stronger and more aware."
Chris Ensor, Deputy Director for the National Technical Authority for Information Assurance at GCHQ, said: "As the National Technical Authority for Information Assurance, GCHQ recognises the critical role academia plays in developing the UK's skill and knowledge base.
"I'd like to congratulate the universities which have been recognised as offering a Master's degree which covers the broad range of subjects that underpin a good understanding of Cyber Security."
According to a report from security company McAfee cybercrime costs the global economy £266 billion annually. A 2011 Government report estimated the cost to the UK economy to be around £27 billion a year.
An independent report commissioned by Lancaster University estimated that cybercrime costs key sector businesses in North West England almost Â£107 million a year.
Emphasising the importance the certification brings to industry Mark Hughes, President of BT Security, said: "At BT we are acutely aware of the impact of the UK cyber skills gap and recruiting the right people with the right knowledge and skills is a big deal for us.
"As a leading Internet service provider we want to employ the very best. That is why we welcome GCHQ's certification of Master's degrees in Cyber Security. The fact that GCHQ recognises these courses as high calibre gives us, at BT, the confidence that those graduating with a Master's from one of these universities will have the sound knowledge base in cyber security that we would be looking for. This is a great step forward in developing the cyber specialist of tomorrow."
Other universities to have received full certification from GCHQ are Edinburgh Napier University, University of Oxford and Royal Holloway, University of London.
Cranfield University and University of Surrey received provisional certification.
More information about Security Lancaster is available by visiting www.security-centre.lancs.ac.uk
Information about Lancaster University's MSc in Cyber Security is available by visiting www.scc.lancs.ac.uk/masters/CyberSecurity