How a Leeds firm is pioneering a new vaccine - against cybercrime

BlackDice is developing machine-learning and predictive analytics designed to forecast and protect against cyber-attacks, and its technology is so promising that it has just been awarded a £100,000 grant from Innovate UK’s Sustainable Innovation Fund.

“The funding allows us to move forwards on our artificial intelligence platform for detecting signals and patterns that then alert us to threats that are starting to build,” CEO Paul Hague told The Yorkshire Post.

“We can start to predict when cyber-attacks are likely to happen, which devices they’re likely to attack, and how they’re potentially going to manifest itself.”

BlackDice’s software is designed to “vaccinate” its clients’ IT systems against the kind of online threats that have grown into a global industry. New York-based Cybersecurity Ventures predicts that the costs of cybercrime will reach $10.5trn annually by 2025, representing the “greatest transfer of economic wealth in history”.

Despite the size of the problem, the chances of a culprit being detected and prosecuted are just 0.05 per cent in the US, according to the World Economic Forum’s 2020 Global Risk Report, and far smaller in many other jurisdictions. That means that the best – and only realistic – approach to combating the problem is prevention, which is where BlackDice comes in.

“We’re kind of looking for two things,” says Mr Hague. “From all the data that we capture from the internet, we’re looking for signals that cluster together to cause patterns of behaviour. If we can spot the patterns, we can then break those patterns up. All the devices are connected to the router, and from there we’re looking for similar things: signals. If we can pull those together into patterns, we can then match those patterns with the patterns that we’ve detected out on the wider internet, and then start to understand how those potential attacks are building.

“Once we start looking for other signals and patterns that have happened historically, we can use all the data that we capture as the ‘source of truth’ for machine-learning models – which we can then automate and predict when things are likely to happen. There’s lots and lots of detail, and it’s all about tiny changes in behaviour.”

He says he can’t be more specific, as it would risk giving away “trade secrets”, but the benefit to the client of this kind of insight could be dramatic.

“It means that, for example, a telecoms operator using our solution would get prior knowledge of attacks that are likely to happen in the future, giving them time to take remedial action, such as patching software or routers, notifying customers that certain things on their devices might be causing problems, or fixing vulnerabilities – all those sorts of things,” says Mr Hague.

“I think what we’re doing is really interesting. I know I would say that, but it is really interesting, because the earlier you know about something, the quicker you can do something about it – in all walks of life.”

But while its proprietary software may be a vaccine of sorts, it does not represent the final nail in the coffin of the cybercriminals.

“You have to have the flu vaccine every year, because the flu virus changes every year, and this is exactly the same,” says Mr Hague.

“All of these attacks will change and morph over time – they have different ways of delivering files, different files, fileless attacks, phishing attacks. This industry’s a bit ‘whack-a-mole’ – something comes up, you hit it with a hammer, something else comes up, you hit that with a hammer – which is why we wanted to develop this predictive side.”

BlackDice is currently restricting its sales efforts to SME and residential customers, as the larger corporations often already have some cyber-security capability in place, and the big, household-name telecoms companies can be challenging for small businesses to work with.

Nevertheless, the Covid-19 pandemic has blurred the boundary between corporate and residential IT systems, and the five-strong company has picked up extra business.

“With the increase in working from home, it becomes even more important for organisations to look at their cyber-defences that extend beyond their own corporate boundaries,” says Mr Hague.

As a result, the company’s services are more in demand now than ever, with enquiries coming in from every continent. The company has just signed contracts with two telecoms operators and aims to start recruiting more members of staff in February.

Mr Hague hopes to have at least doubled the headcount by mid-summer – growth that he attributes in part to the Innovate UK grant.

“Without that kind of government support and help, small companies such as ours don’t get the chance to innovate – they don’t get the chance to actually put some serious time into research and development, because they’re busy growing the business. And it’s really important that innovative, small organisations like ours are trying to do something in that home networks area, that I suppose really has been a bit neglected, but which working from home pulls back into focus.”

As with all vaccines, BlackDice’s solution can hardly come soon enough. The problem it addresses looks destined to grow in our increasingly network-connected world.

“As soon as you put an internet connection into the back of something, it becomes vulnerable,” says Mr Hague.

“It doesn’t matter whether it’s a car – Tesla have had some of their systems hacked – whether it’s a child’s watch that’s blaring data all over the place about their location, or whether it’s your desktop at home, or even your router.

“This is never going to be finished – we won’t get to the end of the game, as you would on a games console. It’s an ongoing thing, and one that I don’t think you’re ever going to win. But you probably stand a chance of getting ahead of the game.”