A TEAM of scientists from the Capital has been selected to join an elite research institute working to protect the UK from cyber terrorism.
The group from Edinburgh University will take part in a £4.5 million UK government-supported drive to foil hackers trying to disrupt national IT networks and gather top secret information.
Formation of the GCHQ-backed team came as banks and media companies in South Korea recovered from a devastating cyber-attack, traced to an internet address in China, which crippled tens of thousands of computers.
Dr David Aspinall, principal investigator for the team from Edinburgh University, warned the risks of a major attack in the UK were constantly growing and said: “We’ll be doing fundamental science into new mechanisms and technologies to stop this from happening.”
Dr Aspinall’s team will join counterparts from across the UK to form an Academic Research Institute, which will carry out cutting-edge research into ways of automatically analysing software to reduce its vulnerability to hackers and cyber terrorists.
Contrary to popular images of top secret bunkers housing rows of elite IT scientists, Dr Aspinall said cyber criminals could launch their attacks from anywhere, with malicious software often available for download from the internet. And he revealed the Edinburgh team would focus on risks created by mobile malware – programmes downloaded from app stores which could be used to steal information stored on smartphones.
Such data can be of national and international importance when linked to government staff or senior corporate executives, Dr Aspinall warned.
“Most of the threats are coming from China at the moment, where people are downloading apps vulnerable to malware from unofficial stores,” he said.
“For the official app stores, companies like Google and Blackberry, which manage the stores, do a lot of work to review new apps and make sure malicious programmes aren’t available.
“But the danger is that malware can sneak in through gaps in the security policy. An app which seems innocent can be used to do something much more damaging.
“You might download an app which connects a few of your friends on social media but which could then be used to upload your entire address book to the internet.”
He added: “We’ll be looking into particular techniques that can scan the code of a malware programme to understand exactly how it works.”
The research institute, which will also include teams from London, Manchester and Kent universities, will run over three years and is scheduled to open for business on April 1.
Government ministers hailed the initiative and said it would also boost Edinburgh, Scotland and the UK as business locations in the digital age.
David Willetts, minister for universities and science, said: “This institute will build on the UK’s global reputation for cyber security research and innovation. It complements wider work government is doing in partnership with academia and industry to boost the economy through improved cyber security.
“This includes the Cyber Growth Partnership, which met for the first time this week.”