- As the World Grows Increasingly Digital, the Threats Loom Larger
- Computer Science and Cybersecurity at FDU
- Eight Steps to Healthy Online Habits
- FDU Students Take Top Place in the 2019 NJ Governor’s Cybersecurity Talent Competition
By Rebecca Maxon
The headlines are jarring: cyberattacks on banks — the stealing of personal information that could lead to identity theft and threaten existing assets; on retail outlets — capturing customer credit-card information; health-data breaches; and even attacks on governments — which have been held in the grip of ransomware, forced to pay off their attackers in order to regain access to their computer systems. But once the news fades, most of us don’t give these issues additional thought, filing them under, “It won’t happen to me.” But it could.
In 2018, according to Mimecast’s The State of Email Security Report 2019, 94 percent of companies experienced phishing attempts; 88 percent experienced email-based spoofing of business partners or vendors; 71 percent saw a malicious activity spread from one infected user to other employees; and 67 percent saw increases in impersonation and business email compromise — with 73 percent of those cases resulting in a direct loss.
A single email containing ransomware can disrupt operations for days and often involves costly consequences. The incidence of ransomware nearly doubled — up from 26 percent to 53 percent in just a single year. In the United States alone, 61 percent of businesses surveyed said they had experienced a ransomware attack in the past year (Mimecast). NJBIZ reports, “Businesses lost $1.2 billion in 2019 because of cybercriminals who sent fraudulent emails.”
And what about at home? Hackers attempt an attack every 39 seconds, affecting one in three Americans every year, according to Cybint, a cyber-education platform. As of December 2019, 462 major health breaches affected nearly 41 million people in a year (careersinfosecurity.com). That is triple the number of patients affected in 2018, according to the 2020 Breach Barometer published by Protenus.
New threats develop every day. A study by IBM found that 95 percent of cybersecurity breaches are caused by human error. And the vast increase in the number of employees working from home in the face of COVID-19 restrictions creates the possibility for a huge number of users working without the appropriate security measures taken on their home internet connections. The stakes are high enough to concern nearly every company, every industry and every person.
“Experts now are proposing computer and information security to be treated as a civil defense,” says Kalyan Mondal, director of FDU’s Center for Cybersecurity and Information Assurance, coordinator of the information technology program and associate professor of electrical engineering on the Metropolitan Campus.
One of the most common forms of information theft happens through phishing emails. Ihab Darwish, assistant professor of cybersecurity and director of the cybersecurity program at FDU’s Florham Campus, explains, “Phishing is a type of social-engineering attack that takes several shapes, including fake messages, fake websites and spam emails. It is all about misleading the victim by spoofing and mimicking real websites or people for the purpose of performing online identity theft.”
Viruses can infiltrate computer systems through email or any other type of messaging system. Malicious code can be transmitted through attachments sent by email or by activating a website link embedded into messages. Most viruses, Trojan horses and worms work this way. “However,” says Darwish, “if your email client allows scripting, then it is possible to get a virus simply by opening the message.”
Phishing schemes frequently play on the fears of the recipient, including statements such as “Your credit card has been compromised!” These messages are designed to make the reader click without looking closely, and the culprits are ready to strike when people are most vulnerable.
After the coronavirus outbreak began, phishers sent messages about stimulus checks, unemployment compensation and small-business loans.
Held for Ransom
Ransomware is one of the biggest cyber dangers. “Ransomware uses especially malicious software/malware that is installed on a computer by an attacker,” says Yaoqing Liu, assistant professor of cybersecurity and information assurance at the Metropolitan Campus. Cybercriminals hack into a system, encrypt information or files and demand a ransom payment in order for individuals to regain access. Only the hacker has the key to open the system. The individuals must pay money or, more and more, bitcoin or cryptocurrency, both of which are harder to track. Ransomware can be installed onto a computer system in a number of ways — users might click an email attachment or an internet advertisement.
In one of last year’s most malicious attacks, the Hackensack Meridian Health network of hospitals and medical facilities was targeted. Anything involving its computer system was affected: surgeries were rescheduled and labs, radiology and billing systems were all suspended. Nurses dealt with delays in orders and had to double-check paperwork carefully to ensure accuracy. Overall, patient safety was not compromised. But, Hackensack Meridian paid the hackers to regain control of the system. The company relied on the insurance coverage it held for such emergencies.
“This is very typical, and that very instance is very close to us. Hospitals, government agencies, schools — these organizations are not like big IT companies,” says Liu. “They may not have the resources to secure their data regularly. That makes them vulnerable targets for hackers.”
There are steps businesses and employees can take to reduce the effectiveness of such attacks.
“First of all, back up your data regularly and make sure there is not any connection between the backup copy and the running copy,” says Liu.
“Keep this backup of all data on the cloud or another secure system to enable restoration of data and resumption of normal operations,” Mondal adds. If ransomware strikes, users can easily restore their computers to a previous date and bring back critical data without having to pay the cybercriminals.
“Train your people and users. You want to have strong passwords,” says Liu. “You want to educate people that if they open emails they think may be malicious, not to click.” Talk to the IT department before clicking any mysterious email.
Finally, “have a real, educated pass interferer [on staff or on call] who knows how to handle such an incident if it happens.” Liu tells the story of another hospital. “After the Hackensack Meridian attack, another hospital in New Jersey was attacked. However, its IT department caught it in an instant. The hospital disconnected all the networks within a minute and avoided data loss. That case shows good preparation.”
The Internet of Things
A newer type of cybercrime deals with the propagation of internet-connected devices such as smart TVs, refrigerators, automatic vacuums and cars with automatic features. These Internet of Things (IoT) devices are a vulnerable new area for hackers to try their hand — consisting of some 31 billion connected devices worldwide. These cars, radios, phones, refrigerators, lights and security cameras could provide a direct link to a home computer or a smartphone.
“The problem is that people are not aware of what goes on. When they buy this device in the store and plug it in at home, unbeknownst to them, there is a lot of data about that person that may be transmitted to the manufacturer’s site,” says Alevoor Ravishankar “Ravi” Rao, assistant professor of computer engineering and computer science on the Metropolitan Campus.
“You have to have a default password, so if you forget your password you can just set it back to the default. But the problem is that everybody knows that password. So unless you go in and adjust all of the settings when you set up a device, you are not protected.”
And, the most dangerous kind of attack on these devices is not at all what a homeowner might expect. For example, says Rao, “How important is it if someone’s toaster down the street can’t be used one morning? But if you look at coordinated attacks — if you can coordinate all these devices together and tell them ‘now all of you go and bombard such-and-such a website with requests’ — that will create a denial of service attack in which that website fails to operate. This grouping of devices is known as a ‘bot-net.’”
“The question is: What responsibility do the device manufacturers have?” says Rao. “I believe there should be some legislation to require the manufacturer to meet certain minimum requirements and guidelines. And that is happening in some countries,” he continues. “The United States has legislation on the table that will force the device manufacturers to ensure certain levels of protection so that the default setting of an item will force that device to update to protect your data.”
Since cyberattacks can wreak widespread and long-lasting damage upon civilian lives and property, manufacturers of IoT devices and computing systems have to be held responsible for design flaws, with mandatory recall of “faulty” software and product certifications for safety. And, regulators must require device manufacturers to be prepared for untoward cyberattacks. “Just like ‘Energy Star’ markings on household electrical devices,” Mondal says, “a ‘Safety Star’ might be the way to go forward.
“Almost all units in law enforcement at some point in time will have an investigation involving the internet or some form of cybercrime,” says Jon Morgan, an adjunct professor in the criminal justice program at the Metropolitan Campus. “In cases of ransomware; extortion; counterterrorism; transmission of elicit materials, images and fraud; these cybercrime cases are usually handled by the computer-crime, homeland-security, intelligence and the financial-crimes units.” Special investigations, public integrity and special-victims’ units may also be called in, depending on the nature of the crime.
Tracing a cybercriminal involves many steps. “The first thing to do is to confiscate all electronic devices that were affected by the attack and perform a forensic analysis on computer and network-log files, storage devices and handheld devices,” says Mondal. “Using data recovery and other techniques, computer forensics analysts can restore deleted files and data to further trace and analyze attacks. They also consult national crime databases to see similar past crimes committed by other perpetrators.” Analysts make sure that all evidence is properly preserved (as court evidence) and that no changes are made to the physical data in the confiscated devices.
“Follow the breadcrumbs,” Morgan adds. Every device that touches a network or the internet leaves a signature or a fingerprint on every system it communicates with. “It may only be a partial fingerprint, but after enough of the details come together across multiple sites, log files, browser histories, login times, network connections, etc., it quickly narrows the search down to a more specific individual.”
But cybercrime arrests still are not as high as they should be. “There is a belief that law enforcement will be unable to identify the suspects and bring them to justice. This is a misconception. We work closely with our federal partners to cross state lines and borders to bring the worst criminals to justice through the sharing of information,” he says. “Victims of these crimes need to contact their local law-enforcement partners.”
“There is no total security, and hence cybercrimes can’t be prevented! But, for sure they can be controlled and contained,” says Darwish. “A fundamental aspect of preventing or minimizing the impact of any type of cybersecurity threat can be accomplished through education and cybersecurity awareness. We should always practice preventive actions by securing personal systems and data. For example, we can utilize up-to-date anti-virus tools, firewalls or even advanced intrusion-detection tools. But, my number-one recommendation to all is to back up all of your files and data — not just on-site but also online.”
The National Security Agency and the Department of Homeland Security have designated the University as a National Center of Academic Excellence in Information Assurance Education. The following degrees are offered:
THE COMPUTER SCIENCE MAJOR (B.S.) in the Gildart Haase School of Computer Sciences and Engineering equips students with a strong foundation in software engineering, computer networks, computer organization, database systems, management information systems and operating systems. It also provides students with practical computer applications. There are three in-demand concentrations: cybersecurity and information assurance, big data analytics, and mobile and game app development. This program has been accredited by the Computing Accreditation Commission (CAC) of ABET since 1987. The B.S. in computer science with a concentration in cybersecurity and information assurance allows students to specialize in subjects like cybersecurity, information security, cryptography, firewalls and intrusion-detection systems, and system administration. The program is one of the two CAE-CDE designated programs offered by the school. The B.S. in computer science may be combined with the M.S. in computer science or the M.S. in cybersecurity and information assurance for a five-year program.
THE COMPUTER SCIENCE MAJOR (B.S.) in the Maxwell Becton College of Arts and Sciences offers an optional cybersecurity concentration, including specialized courses in computer science and mathematics, such as cryptography and network and data security. This degree exposes students to a broad range of fundamental concepts in software engineering, computer organization, database systems, management information systems and operating systems, as well as to a wide variety of computer applications. The B.S. may be combined with either the M.S. in computer science or the M.S. in management information systems for a five-year program.
THE CRIMINAL JUSTICE MAJOR (B.A.) integrates theory and application into a course of study to prepare graduates for wide-ranging career opportunities. Its interdisciplinary curriculum trains students in navigating the challenges of the country’s legal and criminal justice system and private security administration. The program also offers an optional computer forensics minor involving the identification, preservation, extraction, interpretation and documentation of digital evidence in criminal and civil investigations. This 15-credit minor gives students a strong foundation in the knowledge, understanding and competencies sought by prospective employers in the area of computer forensics.
THE INFORMATION TECHNOLOGY (IT) MAJOR (B.S.) provides comprehensive knowledge, skills and training needed for a career as an IT professional. Students learn to evaluate current and emerging technologies; identify user needs; design user-friendly interfaces; apply, configure and manage these technologies; and assess their impacts on individual users, organizations and the environment. The program has three concentrations: web-development technology, network and system administration, and security and forensics. The B.S. in IT program has applied for accreditation with CAC-ABET. In the security and forensics concentration, students learn to apply cyber-defense techniques and tools in the systems, networks and database-administration tasks. They also learn how to identify, preserve, extract and interpret digital evidence. The school jointly developed this concentration with the department of criminology and criminal justice. The concentration includes courses in computer forensics, computer security, information security and system administration, along with three criminal justice courses. The B.S. degree in IT with the security and forensics concentration is another CAE-CDE designated program. The graduates of this program have wide-ranging career opportunities in public and private sectors and in law enforcement.
- Computer users should install an antiviral software system such as McAfee® Live Save™ or Norton 360 with LifeLock on every computer they own.
- Users should create and manage separate “strong” passwords for every internet-connected device. Change the passwords every six months and keep them in a private place. Try using a password-management system like Dashlane, for safekeeping and automatic login to various sites.
- Close all web-based applications (i.e. browsers, email software) from the internet when not in use for extended periods of time.
- Keep all of your software up-to-date with all operating system and application software updates (patches) sent by trusted sources as soon as they are available. These patches correspond in real-time to known vulnerabilities found within the software.
- Back up all computer files regularly on an inexpensive, trusted cloud-storage system.
- Make sure your Wi-Fi modem and router use the latest encryption technology, and that the passwords are strong and updated. Do not use the factory-installed ones.
- If possible, use file-encryption software like VeraCrypt, AxCrypt, or BitLocker to prevent hackers from getting any useful information.
- Never provide any personal or financial information on a website that is not secure. Look for https:// at the beginning of the URL.
FDU’s Florham Campus placed number 1 in New Jersey and number 3 in the nation in the 2019 Governor’s Cybersecurity Talent Competition. Fifty-four students from FDU made the quarterfinals and competed for $2.5 million in the scholarship round of Cyber FastTrack, demonstrating they have outstanding aptitude for success in a cybersecurity career.
“We’re so proud of the 54 students who have worked so hard and excelled to get through to this stage at number 1. We know that FDU’s innovative curriculum in cybersecurity and our talented students will help New Jersey and the nation close the cybersecurity-skills gap. Our students are helping to prove that to the whole country,” says Laila Khreisat, associate professor of computer science and chair of mathematics and computer science at the Florham Campus.
SANS Institute partnered with the 25 state governors to launch Cyber FastTrack. The SANS (SysAdmin, Audit, Network, Security) Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 professionals working in the field.
According to Alan Paller, founder and director of research at the SANS Institute, “The leadership shown by Fairleigh Dickinson University’s Florham Campus is commendable. Without the talent being discovered in Cyber FastTrack, shortages of elite talent will put the United States at a severe disadvantage in protecting power systems, financial systems and military systems in times of conflict and protecting businesses and personal privacy in times of peace. FDU has set a high bar for other schools in New Jersey and in the nation.”
Thirteen thousand college students across America took part in the first stage of the 2019 Cyber FastTrack competition in April 2019, solving a series of increasingly difficult cybersecurity challenges to demonstrate their aptitudes for cybersecurity careers. Twenty-four hundred students performed so well that they received invitations to take part in the second round, where they competed for $2.5 million in scholarships for college tuition and advanced cybersecurity training, as well as for recognition for themselves and their colleges.
Cyber FastTrack is designed to bridge the cybersecurity skills gap in the United States. Details of the program can be found at cyber-fasttrack.org.
Alicia White and Aliaksandra Khrypkova, two students studying computer science at the Metropolitan Campus, have been awarded scholarship grants from the Department of Defense (DoD), through the Cyber Scholarship Program (CySP), to fund one year of studies specializing in cybersecurity.
The students will also learn state-of-the-art cyber-defense techniques through summer internships at designated DoD facilities and have agreed to work for three years with the DoD in the cybersecurity field after graduation.
The grant funding for the scholarships covers the full tuition, stipend, book and laptop award for the cyber scholars and capacity building in the areas of secure embedded systems and applications of machine learning in mitigating distributed denial-of-service attacks. The DoD only offers a limited number of such scholarships nationwide each year.
The purpose of the DoD Cyber Scholarship Program is to increase the number of qualified students in the fields of information assurance, information technology and cybersecurity — and to meet the DoD’s increasing requirements on cybersecurity in defending the nation and in upholding the security of its information infrastructure.
“We are very happy and proud that this great opportunity has been extended for the first time to students studying cybersecurity [at FDU],” says Kalyan Mondal, director of the Center for Cybersecurity and Information Assurance and the principal investigator of the DoD cyber scholarship program grant at the University.