This Week in Cyber: February 21st – February 25th

This week UK Research and Innovation (UKRI) and Digital Security by Design (DSbD) announced that £7.9 million will go to 10 projects that will enrich and expand the Digital Security by Design software ecosystem. Development of this ecosystem will ensure security benefits of the new, more secure processor architecture developed in the prototype Morello hardware board and can aid to underpin the broader market adoption once the technology is commercially available.

Article type: Blog
authorLara
Joseph

The projects, based at institutions and companies across the UK, will usher in a new age of digital security by designing software and hardware from the bottom up to be more resistant to attacks.

Building a software ecosystem before commercialisation of the morello board concepts is key to their success and to ensure digital security by design becomes the norm when developing both hardware and software.


Earlier in the week, DSbD’s Four Nation’s Roadshow began at The National Museum of Computing in Bletchley Park. At the inaugural event participants heard about the Story of Computing. The event focused on the evolution of computing and why it is so important to look back in order to move forwards.

Participants heard from Sir Dermot Turing, acclaimed author and nephew of Alan Turing; Dr Andrew Herbert OBE, British computer scientist, formerly chairman of Microsoft Research; Andrew Elliot, Deputy Director, Cyber Security at Department for Digital, Culture, Media and Sport (DCMS); and
Professor Maire O’Neil, Professor, School of Electronics, Electrical Engineering Computer Science (CSIT).

The talks took participants through the history of computing, looking at the first attempts to use machines to solve mathematical problems, through to IT which now pervades everyday life, and how to look forward to future possibilities. 

At the next event at the Glasgow Science Centre on 3rd March, participants will hear about the current status of cyber security, highlighting why a radical update of cyber security design starting from the chip upwards is required.


This week the UK and US also published a joint advisory identifying a new malware called Cyclops Blink deployed by the Sandworm threat group, also known as Voodoo Bear. The Cyclops Blink malware could allow Sandworm to remotely access networks and seems to be a replacement for a VPN Filter malware from 2018. The malware affects small office/home office network devices

The joint advisory from the U.K National Cyber Security Center, the U.S. Cybersecurity and Infrastructure Security Agency, the National Security Agency and the Federal Bureau of Investigation outlines steps on how to identify a Cyclops Blink infection and mitigation advice to remove it. The advisory also explains the tactics, techniques and procedures associated with Sandworm. Additionally, the NCSC published a malware analysis report on Cyclops Blink to provide further information on the malware and the threat group.

Commenting on this, and published in Data Breach Today and across the ISMG estate, John Goodacre, director of the UKRI’s Digital Security by Design challenge and Professor of Computer Architectures at Manchester University, said, “malware such as Cyclops Blink is an example of the growing cost associated with the exploitation of computer vulnerabilities. One of the major challenges in Cybersecurity is once an attacker finds a way into a machine, then they are relatively free to do anything. Today’s computers have been historically constrained to focus on running software fast, and less on whether it’s running good or bad software.”

John went on to say, “to significantly reduce the opportunities for malware, technology buyers need to demand, and be able to identify, products that are secured by design. For example, knowingly select products with a root-of-trust that can ensure computers can only install and boot the expected software. For example, as is now required by Windows 11 on the PC, or is required to be PSA Certified for consumer devices. In the future, adoption of the DSbD technologies being investigated as part of the UKRI Digital Security by Design programme will further strengthen security by design with its ability to block around 70% of the ongoing software vulnerabilities from exploitation.”


Earlier this week, Asustor’s Network Attached Storage (NAS) devices were found to be targeted by a Deadbolt ransomware infection. Asustor customers took to Reddit and other forums to share word of the attacks with other users. 

By Wednesday, Asustor has issued a warning of Deadbolt to their customers, followed by malware mitigation guidance for their NAS devices. Asustor also issued guidance for users who had already been hit by the Deadbolt ransomware. 

Commenting on this, John Goodacre said, “as more people and businesses use technology, cybercriminals have increasing opportunity to attack a greater number of people through a common vulnerability.”

“It’s imperative that manufacturers increasingly supply products build and configured to be secure by default with a minimal attack surface while guiding customers that enable a feature on how to best secure it.”

“The current Asustor recommendations to disable product features will reduce the attack surface but it’s likely patches for vulnerabilities will be required to re-enable required features.” 

“The underpinning technology also needs to change. The continuous race between vulnerability discovery and patching cannot be sustained with the ever-increasing complexity of software and number of digital devices. Those buying technology need to demand security by default.  Those that sell technology products need to use components that can block the exploit of vulnerabilities such as those been developed by industry with support from the UKRI Digital Security by Design (DSbD) programme.”


 

You can find out more about the Industrial Strategy Challenge Fund here

Sign up to the newsletter

Sign up to the Digital Security by Design newsletter to stay up to date with our events, news, insights and opportunities. Be the first to know about our work and ways to get involved.

UKRI DSbD Councils
Website delivered by Digital Catapult as part of the Technology Access Programme, funded by UKRI through the Digital Security by Design Programme