Aberdeen university leads global project to battle cyber-attacks

Large-scale attacks such as the WannaCry virus badly affected the NHS in May, including 11 of Scotland’s 14 health boards, leading to cancelled operations and ambulances being diverted.

Security experts say such attacks pose an increasing threat to organisations and businesses. Prevention is a key priority for the UK Government and research funding bodies.

Scientists at the university’s department of computing sciences aim to find ways to help stop hackers getting people to open seemingly-innocent “phishing emails” .

Techniques known as” persuasive technologies” will be investigated to encourage people to change their online behaviour.

Dr Matthew Collinson, the project’s principal investigator, said one of the main objectives was to examine ways of getting users to remember and use cyber-security advice.

“If we look at most cyber security attacks, there is a weakness relating to human behaviour that hackers seek to exploit,” Dr Collinson said.

“Their most common approach, and the one we are most familiar with, is using phishing emails to entice a user to download malware.”

“One of the main problems faced by companies and organisations is getting computer users to follow existing security policies, and the main aim of this project is to develop methods to ensure that people are more likely to do so.”

Dr Collinson added that artificial intelligence would be used to find out to construct intelligent programs using dialogue to explain security policies while persuasion techniques would “nudge” users to comply.

The UK Engineering and Physical Sciences Research Council awarded the university £756,000 to support their Supporting Security Policy with Effective Digital Intervention project, worth in excess of £1million in total.

The project also involves other universities in Europe and the US, Aberdeen City Council and National Grid.