More cyber attacks will happen if businesses continue to panic buy security

Will businesses ever learn fast enough to avoid another cyber security failure? If they continue to panic buy software like they did after the NHS crippling attack, businesses will continue to suffer issues caused by repurposed malware.

2Checkout, whose technology helps businesses sell software worldwide, analysed sales transactions before and after the WannaCry attack in seven countries; UK, US, Russia, Ireland, Australia, Germany and Canada. The data shows every country apart from Germany bought more security software in the aftermath of the attack.

This panic-buying means businesses will not be adequately protected because they rush to a decision without making assessing which security technology is most appropriate.

Erich Litch, Chief Revenue Officer at 2Checkout, told on the BBC at the time:“We have delved into the data; the 25% spike in the purchase of IT security software by UK organisations, following the NHS ransomware attack, can only be a knee-jerk reaction. News travels fast, and in the US, the spike in security software purchases nearly doubled (43%) as organisations look to avoid the large-scale attacks seen in the UK.

Yet, organisations looking to avoid suffering the same fate as the NHS need to get strategic. Panic buying security software is not the answer to a very important cyber security question. The message here is clear, don’t wait for another attack to make a decision about cyber security. Make this an active part of your strategy, not a reaction to a disaster.”

(104)

Share

Trustonic and MediaTek announce co-operation in automotive sector

TEE hardware set to protect telematics & in-car infotainment systems

Trustonic today announces a collaboration with systems-on-chips (SoCs) specialist MediaTek to provide the automotive industry with highly secure telematics and in-car entertainment systems for connected vehicles. This partnership ensures that security is foundational, in an environment that has seen massive increases in external connectivity and in the number of features delivered by systems connected to in-car networks.

Increasing car connectivity is bringing value and presenting challenges to the automotive industry. The ecosystem is therefore working to address a range of security and privacy challenges. For example:

 

–          Device connectivity & data privacy – cars can now connect to multiple mobile devices, potentially exposing large amounts of personal sensitive data. There is, however, an opportunity for drivers and manufacturers to gather and monitor large volumes of useful data, such as location, speed, diagnostics, fuel consumption, tyre pressure or emissions.

–          In-car services – cars are a growing part of the “app economy”, opening up opportunities to combine generalist applications, such as social networking, payment and premium content, with car-centric apps, like journey planning, tolls and parking.

–          Automotive monitoring – other data, such as location, speed and driving characteristics, may be of use to authorities or insurance companies – but with obvious concerns over privacy.

 

Trustonic’s TEE technology, addresses these challenges by offering a hardware-secured operating system which is completely isolated from the device operating system. This makes it, and trusted applications residing in it, immune to all software threats resident on the device. The Root of Trust also ensures that a trusted identity is preserved within the device, preventing fraudulent use or copying. Car manufacturers can therefore be assured that the MediaTek systems that they integrate into cars, and the applications and data stored on them, are protected.

“The benefits offered by connected cars are exciting, but security and privacy is paramount, as the ramifications of hacking could be serious,” commented George Kanuck, SVP of Global Sales and Marketing at Trustonic. “MediaTek recognises this and is pushing the boundaries of secure telematics and infotainment. Using our certified hardware, vehicles and their users can be protected from hacking and malware, keeping companies, passengers and the public safe.”

J.C. Hsu, Corporate Vice President and General Manager of New Business Development at MediaTek, concluded: “The demands of connected and autonomous vehicles require a range of unique technologies. MediaTek is channelling its experience to power the future of driving, and we want to ensure that the solutions we offer to the automotive sector are absolutely secure. The hardware-based device security that the TEE offers is the best way to achieve this. Initially, we will use Trustonic’s TEE to safeguard our telematics andin-car entertainment solutions, with the first shipments already underway and due to hit the consumer market in 2018.”

Visit Trustonic at stand W5.H46 Mobile World Congress Shanghai 2017, 28th June-1st July, to learn more about this news and TEE hardware security.

(74)

Share

Russian data centers market

Russias demand for data centre services has been rapidly growing over the last few years. This has been driven by the development of corporate IT systems alongside the demand for backup services for the growing volume of business critical data. Moscow is becoming a hotspot for technology investment as almost 65% of the net area of Russia’s data centre space is located here.

 

Russian market is extremely client-oriented: service providers have to offer more flexible solutions, with deeper integration and understanding of the customer needs providing specific IT architecture and services. Read more in our blog>>>

 

Join the “Modern Data Centers and Data Protection Conference & Exposition at InfoSecurity Russia 2017 and show off your technologies & solutions to gain your market share!

 

BOOK TO EXHIBIT>>>

 

In the spotlight:

  • Data center nowadays
  • Analysis and management of flows in modern data centers
  • Evolution and application of security tools in modern data centers
  • Cloud data centers as centers for the provision of security services

 

 

For further details please contact:

Anna Zabora

InfoSecurity Russia

Project Coordinator

Groteck Business Media

Find me on LinkedIn

zabora@groteck.ru

www.infosecurityrussia.com

(119)

Share

Counter Terror: respond to modern threats

Security is number one priority now everywhere and Russia is not an exception. Local key buyers are extremely interested in new brands & technologies entering the market thus they decided to announce a review of the technologies to find new effective solutions to prevent terrorism and enhance security.

 

Security experts will gather at TB Forum to review new equipment, maintain and establish business contacts, discuss current issues of vulnerability assessment and develop amendments to their security plans.

 

Do you want to show your technologies, solutions and equipment to all key Russian customers from the main sectors?

 

JOIN THE REVIEW>>>

 

If you’d like to get a consultation on market entering strategy, please drop me a line and I organize a face to face meeting with our CEO & Owner at IFSEC 2017 to discuss Russian security market recent trends, market entry strategy, major buyers, trade leads, case studies and business opportunities for the international vendors from overseas.

 

 

For further details please contact:

Anna Zabora

TB Forum

Project Coordinator

Groteck Business Media

Find me on LinkedIn

zabora@groteck.ru

www.groteck.com

(74)

Share

INTERPOL World 2017

Date: Congress: 4-6 July 2017 & Exhibition: 5-7 July 2017

Location: Singapore, Suntec Convention Centre

INTERPOL World is a global exhibition and congress platform for the public and private sectors to foster collaborations and share innovative solutions to evolving global security challenges.

The security landscape is evolving with the advancement of technologies.  Yet, technology alone cannot be the only solution to counter technological risk and threats. A strategic response has to be taken into account to fight transnational organized crime. A conscientious effort from the law enforcement agency, businesses and citizens, is necessary to protect ourselves, our assets and our property.

The mandate of INTERPOL World, a global exhibition and congress platform, encapsulates the vision of a safer world through using innovations and engaging government, organizations, and strategic think tanks in a multi-stakeholder approach.

The second edition of INTERPOL World congress will happen from 4 to 6 July while the trade exhibition will take place from 5 to 7 July 2017 at Suntec Singapore Convention and Exhibition Centre.

INTERPOL World 2017 is your chance to showcase your new technologies, equipment, tools and solutions to over 10,000 public security professionals and commercial buyers from around the world, who will convene in Singapore to discuss resolutions to face future security challenges.

Over 300 international suppliers and manufacturers, with thousands of latest innovative solutions for public security, cybersecurity, perimeter security and more will find and forge mutually beneficial alliances leading to faster and more accurate responses to global security threats.

Visit www.interpol-world.com

(158)

Share

Unlocking The Screen of an LG Android Smartphone with AT Modem Commands

by Oleg Davydov, CTO, Oxygen Forensics

Modern smartphones are much more than just a device for voice calls. Now they contain a lot of personal data – contact list, communication history, photos, videos, Geo tags etc. Most smartphones can also work as a modem.

Almost every modem is Hayes-compatible which means it supports commands of the AT language developed in 1977 by Hayes. Every model supports some basic set of commands which is defined by the manufacturer. Sometimes this set can be extended and can contain very interesting commands.

Let us study behavior of an LG smartphone. When you connect it to the computer by USB you get access to the modem automatically (pic. 1). What is peculiar for LG is that the modem is available even if the phone’s screen is locked.

Pic. 1

Thanks to that, we can learn some useful information about the phone using AT commands even if the phone is protected by a password. (pic. 2).

Pic. 2

To learn what commands are supported by this model we have to examine its firmware. For example, for Android smartphones we only need to research the file /system/bin/atd. The pictures 3-5 demonstrate some AT commands for LG G3 D855 found in this file.

 

Pic. 3

Pic. 4

Pic. 5

It is clear that the phone supports most of the basic AT+ command set which can be used to extract common information about it (pic. 5). But of the most interest are LG proprietary commands (commands of AT% type). These commands (like AT%IMEIx, AT%SIMID, AT%SIMIMSI, AT%MEID, AT%HWVER, AT%OSCER, AT%GWLANSSID) return basic information about the phone. Among them is hiding a real pearl – the command AT%KEYLOCK (pic. 4). As you might guess this command allows you to manage screen lock state. In order to study this command behavior we can run a debugger and use the cross-link to find its handling function code. You can see this in pic. 6.

Pic. 6

When the command AT%KEYLOCK is called, the corresponding function, depending on the argument count, calls either lge_set_keylock() or lge_get_keylock() function from the /system/lib/libatd_common.so library. Pic. 7 shows the code of function lge_set_keylock().

Pic. 7

As you can see from pic. 8, if you pass to the function lge_set_keylock() the value “0” = 0x30, it will eventually call the function which would remove the screen lock whatever method had been used to lock it (you can use PIN, password, pattern or fingerprint to do that). Then it will return the string “[0]KEYLOCK OFF” (pic. 8).

Pic. 8

It becomes obvious that the command AT%KEYLOCK=0 allows you to remove the screen lock without any additional manipulations.

It’s worth mentioning that this command only removes the screen lock without affecting user settings. The command works as described: it writes zero value (which means unlock) to the special RAM area which stores the value responsible for screen lock. This means the command does not modify ROM in any way. This behavior is forensically sound because no user data is touched and after reboot the smartphone will return to the locked state. The command does not allow the investigator to find the screen lock PIN / pattern / password; it just removes it for some time.

To perform this analysis we used an LG G3 D855 model (with V20g-SEA-XX firmware). However, the aforementioned AT commands have been proven to work on other LG smartphones as well (LG G4 H812, LG G5 H860, LG V10 H960 etc). All these models support this approach.

Therefore it’s more than easy to unlock the phone. All you need to have is an LG Android smartphone turned on and connected to a PC by USB. This backdoor is obviously left by LG for its service software but can be used for forensic purposes as well. But bear in mind that criminals can also use this approach.

(428)

Share

Digital ID – Biometrics are the key to marrying security and convenience

Only biometrics can unify the age-old opposing forces of user-experience and digital security, says Isabelle Moeller, Chief Executive, Biometrics Institute. When it happens, the effect will be remarkable.

Thanks, in no small part, to the whims of Hollywood, biometrics have become something of a go-to metaphor for bleeding edge, bullet-proof security. It’s easy to see why: iris scanners make great TV.

Sadly, reality is always different to the big screen. The last five years have lifted biometrics out of Mission Impossible and dropped them into the lives of everyday consumers, where they are fast assuming a central role in digital identity management. Popular engagement with voice recognition in telephone banking and smartphone fingerprint scans, are, thankfully, sobering perceptions. Security breaches, while unfortunate, have underlined that biometrics are far from infallible and most certainly are not an ‘overnight solution’ to the world’s digital ID problems.

Neither are they toothless, however. On the contrary in the right hands biometrics, like chilli peppers, can be powerful ingredients that give real punch to the security mix. What’s more, in the world of digital identity, particularly in user authentication, there is an urgent need to spice things up; the industry faces serious challenges.

The recent proliferation of digital services and cloud-based platforms, each requiring independent user verification, is making mincemeat of the username and password (UNP) model. Ubiquity compels even the diligent to reuse at least some of their UNP credentials, dramatically increasing the security implications of a hack. Indeed, many of the most popular cloud-based services already automate this practice, enabling users to apply their ‘unique’ UNP to a variety of other accounts (a process known as single sign-in, or social login). The risk posed by this kind of identity federation is obvious: a hacker needs only to crack one UNP to gain access to all the user’s associated accounts. Various services exist to help mitigate UNP vulnerability (password ‘vaults’ and management applications) but few would disagree that these are at best sticking plaster solutions; the days of UNPs are numbered.

Two-factor or multifactor authentication solutions are far more impenetrable but, compared to UNPs, adoption rates remain comparatively low, largely because the multifactor approach fails to deliver a smooth and convenient user experience. Physical authentication tokens, often used in e-banking, are easily lost or stolen but more importantly the authentication process itself is laborious. Typically, receipt or generation of a random key or number sequence occurs on one device (a smartphone), which must be combined in some way with another unique piece of information known only to the user, before being inputted into a second device (laptop, tablet, PC etc.). Replacing all UNPs with this multi-step model is no solution at all; today we login to so many different platforms that interruption and end-user frustration would dominate the digital experience.

Enter biometrics. There is little doubt that the future of digital identity lies in using multiple factors to verify a user’s authenticity. The key difference will be that one or more of those factors will be delivered biometrically, enabling the authentication process to be vastly simplified and greatly accelerated. Apple’s Touch ID is an excellent example of how a biometric can make an authentication process both fast and convenient as well as secure. Indeed, with biometrics ‘in play’, a digital world in which the authentication process disappears entirely from the user’s experience could be right around the corner.

When appropriately deployed, behavioural biometrics such as typing styles, app navigation habits, or the pressure applied to touchscreens, leave a data trail almost as distinctive as a fingerprint or face. The identifying power of these behavioural factors can be harnessed by multifactor authentication solutions and, when combined with conventional biometric data, can be used to continually and automatically confirm and reconfirm the user’s identity without interrupting their user experience with off-putting ID challenges.

Adaptive and risk-based authentication solutions are also gathering momentum. These solutions monitor the user’s daily journey through their apps, platforms and devices and use this data to ensure an authentication challenge is only issued when the system deems it absolutely necessary, according to pre-determined policies set by the issuer.

When these fields are mastered, biometric-powered multifactor authentication will finally unify the age-old opposing forces of convenience and security, and a brilliant and incredibly secure end-user experience will be established.

Imagine almost never having to be challenged again when logging into a cloud service, a mobile app, social platform, collaborative workspace, email inbox, remote VPN…

We are not there yet. More work needs to be done to identify and increase the reliability of behavioural biometrics. Capture technologies are still developing and their integration into intelligent solutions must be handled with care if we are to stay ahead of the hackers. Privacy issues also remain a key concern, as does the storage and sharing of biometric data once it has been captured. This is the space inhabited by the Biometrics Institute Digital Services Working Group, which is one of the few places globally where the boundaries of these solutions are being explored in an open, collaborative and commercially neutral forum. Crucially, it encompasses the full spectrum of stakeholders too, including academics, vendors, end-users and privacy advocates.

The importance of this work cannot be overstated. Collaborative efforts are essential to ensure the true enabling power of biometrics can be realised in the digital space without putting the individual’s biometric data at risk. Cross-industry collaboration at the Institute also accelerates the evolution of these technologies, shortening the lead time before full deployments are possible and end users benefit. In this instance, this can’t come soon enough. The world of digital services is evolving at a tremendous pace and the threats to personal data security are increasing as a result. Only when biometrics have been successfully integrated will multifactor authentication solutions be able to deliver the user experience demanded by today’s digital consumer. Mass adoption will then follow and all that inhabit digital world will be safer for it.

 

(143)

Share

How digital data can never truly be lost

We live in a digital era at a time when almost everyone has a device with internet connectivity and access to infinite posting and browsing opportunities. While this affiliation with technology is undoubtedly shrinking the world and making our lives more convenient, it does bring the security of digital data into question. How much control can we retain over our data once it’s in the public domain? Is it possible to delete digital data forever? The answers, rather worryingly, are ‘very little’, and ‘no’. In much the same way that Hansel and Gretel left a trail of breadcrumbs to lead them back out of the forest, we’re all guilty of leaving a little piece of us behind whenever we browse the internet, post on social media or save a document to our computer systems. However much we like to think we’re covering our tracks, our digital data can and will be found eventually – particularly when much of that data is being replicated and stored in online caches we have little knowledge of and no control over.

However, our digital data’s refusal to disappear into the ether can also be a positive; just ask the many businesses and everyday internet users who have required the services of a data recovery team at one time or another…

Recovering the unrecoverable

Whether it’s been deleted in error, misplaced during a network failure, erased following a formatting process or damaged by a virus or malware, the loss of any file or folder can be utterly devastating – particularly if that data was integral to your business. While some mistakes, such as the accidental deletion of a file, are relatively easy to rectify by rifling through your computer’s virtual recycling bin, others require more serious action. Popular methods of recovering files and data include restoring backup copies of programs that you may have made, launching a recovery wizard within your computer’s browser, or purchasing a particular kind of software designed to scan for missing data. In some cases, the specialism of a company such as Fields Data Recovery is required; sometimes the data loss is too extensive for a single person to undertake the recovery by himself or herself, and only a professional team can help. Even under these circumstances, the vast majority of data is recoverable eventually. Digital data, it seems, can never be truly lost.

Top tips for savvy digital data storage

While the Conservative Party has pledged to allow social media users to delete profiles and content created prior to their 18th birthdays, there are numerous ways in which you can protect yourself and your digital data from harm, without needing to go to such extremes.

  • Most experts agree that the biggest data security mistake is the failure to understand the implications of security breaches and lacklustre security; by recognising that such threats exist, you’re already on your way to securing digital data.
  • Companies in particular should implement multiple security measures to protect their sensitive data; secured networks, firewalls, encryption and data protection clauses must be introduced.
  • Conduct your research; understand where your data is being hosted, the types of security measure in place and the access you and others are likely to have. Have you vetted potential web hosts prior to assigning your data into their care?
  • In terms of data recovery, always ensure you’ve created backup documents and files, and keep at least one copy of each important folder somewhere secure – preferably in a separate location, should your computer network or hard drive develop an issue.

Finally, consider the possibility of your digital data being unearthed and used against you. Social media users should take particular heed here; since digital data is never really lost, is it really worth making that comment in the first place? Similarly, do you stand by your decision to create that file or download that content? At a time when anything, no matter how mundane, is recoverable, it might be time to think twice before typing.

Now, more than ever, digital data security is a top concern for companies and consumers alike, with the threat of data breaches becoming a new normal during everyday internet use. We live in an era when it is almost impossible to delete digital data, regardless of how well we may have covered our tracks or protected our systems. From social media and web cookies to hosted storage and downloads, almost anything is recoverable – a move that won’t always be to the benefit of the person whose data is under review. If you find yourself relying upon digital paper or internet access, it’s essential that you understand where your information will be hosted and stored, and the kinds of restrictions placed upon its access and deletion – only then will you regain control of your digital data.

(180)

Share

Taking Control of Your Forensics

 Getting the complete picture with in-depth investigation

By Yitzhak (Itzik) Vager, VP Cyber Product Management & Business Development at Verint Systems Ltd., Verint Systems Ltd.

The art of forensics is probably best defined as the use of science and technology to investigate and establish facts in criminal or civil courts of law. Computer forensics runs along much the same lines, with the main difference being the end goal – in the case of cyber security, it’s usually to understand the exact scale of a breach, what damage was done and where.

Accurate and insightful forensics can be invaluable to detection and response – helping piece together the complete storyline of an attack or refuting alerts to lower false positive rates. A strong forensics approach starts with three main vectors – coverage, integration and visibility. Ticking these boxes can be the difference between actually being able to respond to a threat and relative chaos.

Coverage

Criminal forensics always start with going back to the crime scene to start collecting evidence. The critical thing to notice is that the “crime scene” is often much larger than the store that was robbed – it also includes the thief’s vehicle, the building next door he came in through, and much more.

In our world, this means that forensic analysis must cover the entire range of potential data sources – not just from the endpoint where malware has been found but other endpoints that have been in contact and the network itself. This is the only way to create a complete picture that will accurately show where the threat came from, how it got in, and where it went. Naturally, dissecting every bit and byte of the infected machine is just as important, but in many cases, without mapping out the threat, defenders are left in no man’s land.

Integration

Forensic data is almost never isolated. There is never just one clue. In our world, that’s a bit of an understatement – if you can look hard enough, there are usually hundreds of miniscule network and endpoint events that can be traced back to the attack. This makes being able to connect two different “dots” imperative to the task. In practice, it means that using multiple forensic tools can cause quite an issue – in many cases, they won’t speak the same language and their findings will not be able to be used to their full potential and be intelligently cross-referenced. For example, using independent tools for endpoint, server and network can glean a substantial amount of information from each but will leave an overwhelmed analyst needing to delve through thousands of findings that could be seen and used much more efficiently if they had all been designed to live and work together.

Another benefit of integration, especially when paired with automation, is the ability to automatically and continuously initiate additional forensic data collection based on previous forensics or findings.

Visibility

Forensic findings are somewhat meaningless unless they can be seen. Visibility is essentially the combined result of coverage and integration. Visibility means placing the various pieces of forensic evidence in the exact way that will make the story of the attack clearest to the user. In the cyber domain, malicious incidents are seldom isolated and will almost always contain multiple different events (the initial breach, contacting a command and control server, laterally moving to the target host via a specific network protocol or a USB stick). While interesting and valuable in their own right, they become truly powerful when displayed as a chain of events, narrating the entire attack from start to finish. Not only is this far more informational, it enables the analysts to take the best course of action when responding to the attack.

The Forensic “Time Machine”

Forensics is naturally a big part of investigating a threat, which makes it critical to the action of responding to and mitigating a threat. Forensics drives knowing which devices to isolate, what part of the network is vulnerable and generally what needs to be done to ensure a higher level of safety from now on. But this goes beyond a single investigation.

A key advantage of collecting and storing forensic data is the ability to “go back in time” and re-evaluate past crime scenes as new information comes in. For example, if new alerts or new indicators of compromise come in, correlating this new information with forensics data collected in the past can dramatically change both ongoing and past investigations.

With a strong combination of coverage, integration, and visibility, forensics investigations will be more streamlined, allowing your teams to build the knowledge infrastructure required to prevent and  mitigate future attacks.

Yitzhak (Itzik) Vager is VP Cyber Product Management & Business Development at Verint Systems Ltd., Verint Systems Ltd. Verint Threat Protection System automates and orchestrates threat detection, investigation, and forensics.

 

(190)

Share

Three technologies tackling global challenges compete for top UK innovation prize

Three global game-changers are in the running for this year’s coveted MacRobert Award, the UK’s top innovation prize, which has a record of spotting the ‘next big thing’ in engineering. Awarded each year by the Royal Academy of Engineering, it is presented to the engineers behind the UK’s most exciting and impactful innovations.

The global impact of this year’s finalists demonstrates that the UK innovation scene is stronger than ever. They are:

  • Darktrace for their cyber ‘immune system’ that uses machine learning to self-learn what is ‘normal’ for an organisation’s computer network and uses that understanding to detect and fight back against emerging threats that human operators may miss, while keeping the rest of a system running.
  • Raspberry Pi for its inexpensive credit card-sized microcomputers, which are redefining how people engage with computing, inspiring students to learn coding and computer science and providing innovative control solutions for industry.
  • Vision RT for the world’s most accurate real-time 3D body surface imaging system that enables doctors giving radiotherapy to target cancerous tumours with pinpoint accuracy, speeding treatment times while reducing discomfort for patients during radiotherapy and minimising collateral damage that can cause serious side effects.

The three finalists are competing for a gold medal and a £50,000 cash prize. The 2017 winner will be revealed at the Academy Awards Dinner in London on 29 June 2017 in front of an audience of top engineers, business leaders, politicians and journalists.

Many previous MacRobert Award-winning engineering innovations are now ubiquitous in modern technology, transport and healthcare. The very first award went jointly to Rolls-Royce for the Pegasus engine used in the iconic Harrier jets, and to Freeman, Fox and Partners for the Severn Bridge. In 1972 the judges recognised the extraordinary potential of the first CT scanner developed at EMI – seven years before its inventor Sir Godfrey Hounsfield received the Nobel Prize.

MacRobert Award winners are chosen by a panel of Fellows of the Academy, using a comprehensive selection process.

Darktrace has developed pioneering, autonomous machine learning software designed to detect and defend against cyber security threats from within computer networks. The Enterprise Immune System self-learns the normal ‘pattern of life’ of every user and device within a network, and uses that understanding to identify and autonomously respond to threatening anomalies in real time. It acts as a cyber immune system that can immediately detect and neutralise emerging threats, such as ransomware, data theft or prohibited access. Like the human immune system, the Enterprise Immune System does not need any experience of past attacks to understand that an anomaly is potentially threatening. No other software can currently achieve this without some level of human input to define the boundaries of the system or certain aspects of the network. Just four years after launch, the Enterprise Immune System is defending IT systems in over 60 countries for customers including government agencies, international banks, healthcare providers and telecoms operators.

The Raspberry Pi Foundation, through its low-cost, easy to use, credit card-sized microcomputers, is redefining how people learn about and engage with computing. The inexpensive micro PC can be used as the control centre of just about anything, from creating video games to robots, multi-room sound systems, pet feeders, or even scientific experiments. It has inspired a new generation of makers and brought computer programming into classrooms in a fun and engaging way. After initially setting out to help increase the number of computer science applicants to University of Cambridge, the Raspberry Pi team has sold over 14 million devices through exceptional engineering and public outreach. Not only have they put the power of coding into the hands of people all over the world, they have also created a whole new class of computing device that has revolutionised the way engineers design control systems in industry.

London-based Vision RT began in an attic in 2001 and today all the top five “Best Hospitals for Cancer” in the USA use its technology. Nearly 1,000 systems have been sold around the world including to the UK National Health Service. Vision RT has developed AlignRT, a guidance system for radiotherapy that helps doctors target cancerous tumours with pinpoint accuracy, reducing harmful collateral damage during treatment. The Company’s AlignRT system can also eliminate the need for patients to have their skin tattooed as part of treatment, meaning cancer survivors will no longer need to carry this visual reminder of their cancer. AlignRT offers significant clinical benefits. For example, left breast cancer patients may be at risk of heart damage from radiotherapy. UK guidelines currently recommend breath-holding techniques – where a patient fills their lungs and holds their breath to move the tumour away from the heart – to help reduce this risk. The AlignRT system, which tracks the patient position to within 1mm, automatically shuts off the beam when it is off-target, making treatment safer and more relaxed for patients.

Dr Dame Sue Ion DBE FREng FRS, Chair of the Royal Academy of Engineering MacRobert Award judging panel, said: “This year’s MacRobert Award finalists are making a real impact in cyber security, STEM education and cancer treatment. Each of them demonstrates engineering innovation of the highest calibre, but what I’m most proud of is that while they benefit people all over the world, their roots have remained firmly in the UK, bringing significant wealth into our economy. Those with hardware have chosen to manufacture everything here, not for noble reasons but because it makes good business sense, cementing the UK’s global reputation as a leading innovation nation.”

 

(68)

Share