This Week in Cyber: June 6th – June 10th

Digital Security by Design

Just before we all logged off for the bank holiday weekend to celebrate the 70th anniversary of the Queen’s accession to the throne, Digital Security by Design (DSbD) made an exciting announcement worth noting in this week’s blog. 

Through DSbD’s Technology Access Programme, Digital Catapult – the UK authority on advanced digital technology – awarded ten companies the opportunity to trial and experiment with potentially game-changing prototype cybersecurity technology. Developed by researchers from the University of Cambridge, in collaboration with Arm, the technology is believed to block two thirds of cyberattacks, once implemented. 

CHERI, a redesigned version of a computer’s central processing unit, is key to making systems less vulnerable and has been launched as a prototype system on the chip and demonstrator board known as Morello. For six months, the selected companies will have access to these CHERI-enabled Morello prototype boards, to use as they wish within their own businesses. In addition to technical guides and support, the companies will also receive £15,000 to support their experimentation period. Companies selected include: DataCore Software UK, Ioetec, Inventia UK, RealVNC, Riskoa, and SensorIT.

As Professor John Goodacre, Challenge Director, Digital Security by Design, UK Research and Innovation, attests: “Digital Security by Design will radically update the foundation of the insecure digital computing infrastructure by creating a new, more secure hardware and software ecosystem. The breadth of companies taking part in this technology access programme is a key step in building a security-first mindset amongst industry.”

The project could not have come at a better time, when persistent threat actors remain active with innovative attack strategies. Indeed, just yesterday researchers from BlackBerry Threat Research & Intelligence team, along with Intezer security researcher Joakim Kennedy, discovered a new Linux malware, dubbed Symbiote. As its name eludes, the malware operates in a parasitic matter. In other words, it is unique in that it does not run as a standalone executable file. Rather, it infects other running processes in order to harvest credentials and wreak havoc through remote access capabilities. Worse still, it has the ability to conceal itself, making detection difficult. 

In general, malware tends to be delivered through two key attack vectors: social engineering and software vulnerabilities. If we can limit successful infiltration through vulnerabilities, we will fare much better in the fight against cybercrime.  

 


You can follow updates @DSbDTech or via LinkedIn here  #DSbDtech

Follow Innovate UK

Twitter @innovateuk

Innovate UK on Linkedin

You can find out more about the Industrial Strategy Challenge Fund here

Delivered by Digital Catapult, funded by UKRI through the Digital Security by Design programme.