Weaponized information seeks a new target in cyberspace: Users’ minds

Richard Forno, University of Maryland, Baltimore County

The Russian attacks on the 2016 U.S. presidential election and the country’s continuing election-related hacking have happened across all three dimensions of cyberspace – physical, informational and cognitive. The first two are well-known: For years, hackers have exploited hardware and software flaws to gain unauthorized access to computers and networks – and stolen information they’ve found. The third dimension, however, is a newer target – and a more concerning one.

This three-dimensional view of cyberspace comes from my late mentor, Professor Dan Kuehl of the National Defense University, who expressed concern about traditional hacking activities and what they meant for national security. But he also foresaw the potential – now clear to the public at large – that those tools could be used to target people’s perceptions and thought processes, too. That’s what the Russians allegedly did, according to federal indictments issued in February and July, laying out evidence that Russian civilians and military personnel used online tools to influence Americans’ political views – and, potentially, their votes. They may be setting up to do it again for the 2018 midterm elections.

Some observers suggest that using internet tools for espionage and as fuel for disinformation campaigns is a new form of “hybrid warfare.” Their idea is that the lines are blurring between the traditional kinetic warfare of bombs, missiles and guns, and the unconventional, stealthy warfare long practiced against foreigners’ “hearts and minds” by intelligence and special forces capabilities.

However, I believe this isn’t a new form of war at all: Rather, it is the same old strategies taking advantage of the latest available technologies. Just as online marketing companies use sponsored content and search engine manipulation to distribute biased information to the public, governments are using internet-based tools to pursue their agendas. In other words, they’re hacking a different kind of system through social engineering on a grand scale.

Old goals, new techniques

More than 2,400 years ago, the Chinese military strategist and philosopher Sun Tzu made it an axiom of war that it’s best to “subdue the enemy without fighting.” Using information – or disinformation, or propaganda – as a weapon can be one way to destabilize a population and disable the target country. In 1984 a former KGB agent who defected to the West discussed this as a long-term process and more or less predicted what’s happening in the U.S. now.

The Russians created false social media accounts to simulate political activists – such as @TEN_GOP, which purported to be associated with the Tennessee Republican Party. Just that one account attracted more than 100,000 followers. The goal was to distribute propaganda, such as captioned photos, posters or short animated graphics, purposely designed to enrage and engage these accounts’ followers. Those people would then pass the information along through their own personal social networks.

Starting from seeds planted by Russian fakers, including some who claimed to be U.S. citizens, those ideas grew and flourished through amplification by real people. Unfortunately, whether originating from Russia or elsewhere, fake information and conspiracy theories can form the basis for discussion at major partisan media outlets.

As ideas with niche online beginnings moved into the traditional mass media landscape, they serve to keep controversies alive by sustaining divisive arguments on both sides. For instance, one Russian troll factory had its online personas host rallies both for and against each of the major candidates in the 2016 presidential election. Though the rallies never took place, the online buzz about them helped inflame divisions in society.

The trolls also set up Twitter accounts purportedly representing local news organizations – including defunct ones – to take advantage of Americans’ greater trust of local news sources than national ones. These accounts operated for several years – one for the Chicago Daily News, closed since 1978, was created in May 2014 and collected 20,000 followers – passing along legitimate local news stories, likely seeking to win followers’ trust ahead of future disinformation campaigns. Shut down before they could fulfill that end, these accounts cleverly aimed to exploit the fact that many Americans’ political views cloud their ability to separate fact from opinion in the news.

These sorts of activities are functions of traditional espionage: Foment discord and then sit back while the target population becomes distracted arguing among themselves.

Fighting digital disinformation is hard

Analyzing, let alone countering, this type of provocative behavior can be difficult. Russia isn’t alone, either: The U.S. tries to influence foreign audiences and global opinions, including through Voice of America online and radio services and intelligence services’ activities. And it’s not just governments that get involved. Companies, advocacy groups and others also can conduct disinformation campaigns.

Unfortunately, laws and regulations are ineffective remedies. Further, social media companies have been fairly slow to respond to this phenomenon. Twitter reportedly suspended more than 70 million fake accounts earlier this summer. That included nearly 50 social media accounts like the fake Chicago Daily News one.

Facebook, too, says it is working to reduce the spread of “fake news” on its platform. Yet both companies make their money from users’ activity on their sites – so they are conflicted, trying to stifle misleading content while also boosting users’ involvement.

Real defense happens in the brain

The best protection against threats to the cognitive dimension of cyberspace depends on users’ own actions and knowledge. Objectively educated, rational citizens should serve as the foundation of a strong democratic society. But that defense fails if people don’t have the skills – or worse, don’t use them – to think critically about what they’re seeing and examine claims of fact before accepting them as true.

American voters expect ongoing Russian interference in U.S. elections. In fact, it appears to have already begun. To help combat that influence, the U.S. Justice Department plans to alert the public when its investigations discover foreign espionage, hacking and disinformation relating to the upcoming 2018 midterm elections. And the National Security Agency has created a task force to counter Russian hacking of election systems and major political parties’ computer networks.

These efforts are a good start, but the real solution will begin when people start realizing they’re being subjected to this sort of cognitive attack and that it’s not all just a hoax.

Richard Forno, Senior Lecturer, Cybersecurity & Internet Researcher, University of Maryland, Baltimore County

This article was originally published on The Conversation. Read the original article.

The post Weaponized information seeks a new target in cyberspace: Users’ minds appeared first on Department of Computer Science and Electrical Engineering.

UMBC receives $5.4m in funding for new cybersecurity projects

NSF and NSA Fund Three Cybersecurity Projects by Prof. Alan Sherman 

Professor Alan Sherman and colleagues were recently awarded more than $5.4 million dollars in three new grants to support cybersecurity research and education at UMBC, including two from the National Science Foundation (NSF) and one from the National Security Agency (NSA).  Dr. Sherman leads UMBC’s Center for Information Security and Assurance which was responsible for UMBC’s designation as a National Center of Academic Excellence in Cybersecurity Research and Education.

This summer, NSF funded Sherman’s second CyberCorps Scholarship for Service (SFS) grant (Richard Forno, CoPI) that will fund 34 cybersecurity scholars over five years and support research at UMBC and in the Cyber Defense Lab (CDL). The $5 million award supports scholarships for BS, MS, MPS, and PhD students to study cybersecurity through UMBC degree programs in computer science, computer engineering, cyber, or information systems. SFS scholars receive tuition, books, health benefits, professional expenses, and an annual stipend ($22,500 for undergraduates, $34,000 for graduate students). In return, each scholar must engage in a summer internship and work for government (federal, state, local, or tribal) for one year for each year of support. The program is highly competitive and many of the graduates now work for the NSA.

A novel aspect of UMBC’s SFS program is that it builds connections with two nearby community colleges—Montgomery College (MC) and Prince Georges Community College (PGCC). Each year, one student from each of these schools is selected for a scholarship. Upon graduation from community college, the student transfers to UMBC to complete their four-year degree. In doing so, UMBC taps into a significant pool of talent and increases the number of cybersecurity professionals who will enter government service. Each January, all SFS scholars from UMBC, MC, and PGCC engage in a one-week research study. Working collaboratively, they analyze a targeted aspect of the security of the UMBC computer system. The students enjoy the hands-on experience while helping to improve UMBC’s computer security. Students interested in applying for an SFS scholarship should consult the CISA SFS page and contact Professor Sherman. The next application deadline is November 15.

With $310,000 of support from NSF, Sherman and his CoPIs, Drs. Dhananjay Phatak and Linda Oliva, are developing educational Cybersecurity Assessment Tools (CATS) to measure student understanding of cybersecurity concepts. In particular, they are developing and validating two concept inventories: one for any first course in cybersecurity, and one for college graduates beginning a career in cybersecurity. These inventories will provide science-based criteria by which different approaches to cybersecurity education can be assessed (e.g., competition, gaming, hands-on exercises, and traditional classroom). This project is collaborative with the University of Illinois at Urbana-Champaign.

With $97,000 of support from NSA, Sherman is developing a virtual Protocol Analysis Lab that uses state-of-the-art tools to analyze cryptographic protocols for structural weaknesses. Protocols are the structured communications that take place when computers interact with each other, as for example happens when a browser visits a web page. Experience has shown that protocols are so complicated to analyze that there is tremendous value in studying them using formal methods. Sherman and his graduate students are making it easier to use existing tools including CPSA, Maude NPA, and Tamerin, applying them to analyze particular protocols, and developing associated educational materials.

The post UMBC’s Sherman receives $5.4m in funding for cybersecurity research and scholarships appeared first on Department of Computer Science and Electrical Engineering.

2018 Maryland Cyber Challenge seeks student teams

The 2018 Maryland Cyber Challenge seeks teams willing to test a range of skills simulating real-word cyber scenarios. Teams will climb a ladder of challenges demonstrating an ability to work together, understand both simple and complex vulnerabilities, defensive operations and gamified offensive operations.

Registration is now open. An initial orientation session start the week of August 13 and qualification Round 1 will be September 8-9..

The finals will take place live at CyberMaryland 2018 in Baltimore on October 10. Prizes (TBA) will be presented LIVE by during a closing session at CyberMaryland.

Get more information and register here

The post 2018 Maryland Cyber Challenge registration opens for student teams appeared first on Department of Computer Science and Electrical Engineering.

Robot Governance – Institutions and Issues

Dr. Aaron Mannes, ISHPI Information Technologies

10:30-11:30 Tuesday, 24 July 2018, ITE 346

Inexpensive sensors and information storage and processing have enabled the large-scale production of robots: autonomous systems capable of acting on the world. These systems represent an enormous technological and economic opportunity that will change society in countless and unpredictable ways. They will also bring new policy challenges. This presentation examines the missions the government will need to undertake to address the challenges raised by this new technology, identifies critical gaps the government faces in carrying out these missions, and discusses institutional options to address these gaps.

Dr. Aaron Mannes is the Senior Policy Advisor at ISHPI Information Technologies, where he supports the Apex Data Analytics Engine (DA-E) at the Department of Homeland Security Science and Technology Directorate. In supporting DA-E, Dr. Mannes collaborates on big data projects that support the Homeland Security Enterprise and researches technology policy. He started at DHS as an American Association for the Advancement of Science Policy Fellow in September 2015. From 2004 to 2015, Dr. Mannes was a researcher at the University of Maryland Institute for Advanced Computer Studies (UMIACS) where he was the subject matter expert on terrorism and international affairs collaborating with a team of inter-disciplinary scientists to build computational tools to support decision-makers facing 21st century security and development problems. Dr. Mannes earned his Ph.D. at the University of Maryland’s School of Public Policy in 2014. His dissertation topic was the evolving national security role of the vice president.

Dr. Mannes is the author or co-author of four books on terrorism and has written scores of articles, papers, and book chapters on an array of topics including Middle East affairs, terrorism, technology, and other international security issues for popular and scholarly publications including Politico, Policy Review, The Wall Street Journal, Foreign Policy, The Journal of International Security Affairs, The Huffington Post, The National Interest, The Jerusalem Post, and The Guardian.

This research was conducted with the support of the Apex Data Analytics Engine in the Department of Homeland Security (DHS) Science and Technology Directorate (S&T). In no way should anything stated in this seminar be construed as representing the official position of DHS S&T or any other component of DHS. Opinions and findings expressed in this seminar, as well as any errors and omissions, are the responsibility of the presenter alone.

The post talk: Robot Governance – Institutions and Issues, 10:30 Tue 7/24, ITR346 appeared first on Department of Computer Science and Electrical Engineering.

Baltimore’s WBAL-TV ran a short news item on UMBC’s new partnership with Keio Research Institute (KRIS) in Japan, and Royal Holloway University of London (RHUL) in the UK to investigate the use of common system simulation tools for modeling critical national infrastructure. This partnership is part of a broader international collaboration, the International Cybersecurity Center of Excellence (INCS-COE). It will also involve Hitachi, an international operator in power systems, telecommunication, railways, and other core infrastructure areas.

Because cybersecurity attacks may not be limited to national borders, this collaboration argues that defense against such attacks should not be siloed either.

The post UMBC’s cybersecurity research partnership featured in WBAL-TV piece appeared first on Department of Computer Science and Electrical Engineering.

UMBC launches infrastructure-focused cybersecurity research collaboration with Japanese and UK partners

UMBC is one of three leading academic institutions collaborating on a new research initiative focused on cybersecurity for critical national infrastructures, including information technology, public transit, and financial services. University leaders signed the three-nation agreement in a ceremony at the sixth International Cybersecurity Symposium in Japan.

UMBC, Keio Research Institute (KRIS) in Japan, and Royal Holloway University of London (RHUL) in the UK will partner to investigate the use of common system simulation tools for modeling critical national infrastructure. This partnership is part of a broader international collaboration, the International Cybersecurity Center of Excellence (INCS-COE). It will also involve Hitachi, an international operator in power systems, telecommunication, railways, and other core infrastructure areas.

Because cybersecurity attacks may not be limited to national borders, this collaboration argues that defense against such attacks should not be siloed either.

“Cybersecurity can no longer be treated as a national issue,” emphasizes Karl V. Steiner, vice president for research at UMBC. “Long-term and productive international collaborations are needed to make significant progress.”

Jun Murai, professor of environment and information studies at Keio University, notes, “We look forward to working with our research colleagues in the UK and U.S. to help address the increasingly challenging cyber threats to the security of our respective critical national infrastructures.”

Working with a common toolset will enable mixed nationality teams to run simulations together. This will help cybersecurity experts learn how to more effectively address human factors, including cultural differences, in predicting how attacks and responses to those attacks might play out across different geographies.

“We are excited to participate in this new research collaboration with our colleagues in Japan and the UK to help us better understand and address some of the key cybersecurity challenges that our nations face from increasingly aggressive international adversaries,” says Anupam Joshi, director of UMBC’s Center for Cybersecurity.

The partners in this research see the modeling of system security as increasingly vital for industry and government, for both training purposes and vulnerability analysis.

“This initiative creates many future opportunities including, for example, the opportunity to address the impact on critical national infrastructure security of the exponential growth of the internet of things, and for potential exchanges of expert staff and students,” explains Keith Mayes, head of the Information Security Group (ISG) at Royal Holloway University.

Steiner shares Mayes’s excitement about expanding opportunities for both established and emerging researchers in this growing field. Thanks to leading academic programs in cybersecurity, the bwtech@UMBC Cyber Incubator, and UMBC’s internationally-known Center for Cybersecurity, he says, “UMBC is uniquely positioned in Maryland to become a major global force for research in cybersecurity.”

“This partnership,” says Steiner, “builds important connections to move this essential work forward.”

Adapted from a UMBC News article written by Megan Hanks. Photo by Marlayna Demond ’11 for UMBC.

The post UMBC launches cybersecurity research collaboration with Japanese and UK partners appeared first on Department of Computer Science and Electrical Engineering.

UMBC SFS Cybersecurity Spring Meeting

Student Project Reports and

Cybersecurity from the view of NSA’s Cybersecurity Threat Operations Center
Dave Hogue, Technical Director of NSA’s Cybersecurity Threat Operations Center (NCTOC)

11am-3pm, Friday, 25 May 2018, ITE 456, UMBC

Open to the public

Scholarship for Service (SFS) students will present their cybersecurity research from spring 2018. Eight SFS students from Montgomery College (MC) and Prince George’s Community College (PGCC) will present their results solving IT security problems for their universities and county governments. In spring 2018, these students worked collaboratively in a special applied research course at their school to help their schools and county governments. In fall 2018, these students will transfer to UMBC to complete their four-year degrees. This activity is part of a pioneering program centered at UMBC to extend SFS scholarships to community college students. In January 2018, all SFS scholars at UMBC, PGCC, and MC worked collaboratively to analyze the security of UMBC’s WebAdmin system.

David Hogue will talk about cybersecurity from the view of NSA’s Cybersecurity Threat Operations Center, including the key threats, techniques, and challenges posed by the sophisticated threat actors that NCTOC is charged to defend against.

11:00am Introductions

Alan T. Sherman (UMBC)
Casey W. O’Brien (PGCC)
David Kuijt (MC)

11:30am-1:00pm Student Project Reports

PGCC students
MC students
UMBC – Mohammad Khan, UMBC parking system
UMBC – Enis Golaszewski, winter research study on UMBC’s WebAdmin

1:00pm-2:00pm Lunch

2:00pm-3:00pm Dave Hogue, Technical Director, NSA Cybersecurity Threat Operations Center (NCTOC)

Cybersecurity from the view of NSA’s Cybersecurity Threat Operations Center: Key threats, techniques, and challenges posed by the sophisticated threat actors that NCTOC is charged to defend against.

3:00pm Adjourn

Host: Alan T. Sherman, *protected email*

Alan T. Sherman is a professor of computer science and Director of the UMBC Center for Information Security and Assurance (CISA), which center is responsible for UMBC’s designation as a National Center of Academic Excellence in Cyber Defense Education and Cyber Defense Research.

Casey W. O’Brien is Executive Director and Principal Investigator of the National CyberWatch Center, Prince George’s Community College.

David Kuijt is an associate professor at Montgomery College, Rockville.

Joe Roundy is the Cybersecurity Program Manager at Montgomery College, Germantown.

Support for this event is provided in part by the National Science Foundation under SFS Grant 1241576.

The post UMBC Scholarship for Service Cybersecurity Spring Meeting, Fri 25 May 2018 appeared first on Department of Computer Science and Electrical Engineering.

Big Data, Security and Privacy

Prof. Bhavani Thuraisingham, University of Texas at Dallas
11:00-12:00 Wednesday, 16 May 2018, ITE 459, UMBC

The collection, storage, manipulation and retention of massive amounts of data have resulted in serious security and privacy considerations. Various regulations are being proposed to handle big data so that the privacy of the individuals is not violated. For example, even if personally identifiable information is removed from the data, when data is combined with other data, an individual can be identified. This is essentially the inference and aggregation problem that data security researchers have been exploring for the past four decades. This problem is exacerbated with the management of big data as different sources of data now exist that are related to various individuals.

While collecting massive amounts of data causes security and privacy concerns, big data analytics applications in cyber security is exploding. For example, an organization can outsource activities such as identity management, email filtering and intrusion detection to the cloud. This is because massive amounts of data are being collected for such applications and this data has to be analyzed. The question is, how can the developments in big data management and analytics techniques be used to solve security problems? These problems include malware detection, insider threat detection, and intrusion detection.

To address the challenges of big data security and privacy as well as big data analytics for cyber security applications, we organized a workshop sponsored by the National Science Foundation in September 2014 and presented the results in 2015 at an inter-agency workshop in Washington DC. Since then several developments have been reported on big data security and privacy as well as on big data analytics of cyber security. This presenting will summarize the findings of the workshop and discuss the developments and directions.

Dr. Bhavani Thuraisingham is the Louis A. Beecherl, Jr. Distinguished Professor in the Erik Jonsson School of Engineering and Computer Science at The University of Texas at Dallas (UTD) and the Executive Director of UTD’s Cyber Security Research and Education Institute since October 2004. She is also a Senior Research Fellow at Kings College, University of London (2015-2018) and a New America Cyber Security Policy Fellow (2017-2018). Her current research is on integrating cyber security and data science. Prior to joining UTD she worked at the MITRE Corporation for 16 years including a three-year stint as a Program Director at the NSF. She initiated the Data and Applications Security program at NSF and was a member of the Cyber Trust theme. While at MITRE she was a department head and was also a technical advisor to the DoD, the NSA, the CIA, and the IRS. Prior to that, she worked for the commercial industry for six years including at Honeywell, Inc. She is the recipient of numerous awards including the IEEE CS 1997 Technical Achievement Award, the IEEE ISI 2010 Research Leadership Award, ACM SIGSAC 2010 Outstanding Contributions Award, SDPS 2012 Transformative Achievement Gold Medal, 2013 IBM Faculty Award, ACM CODASPY 2017 Innovative and Lasting Research Contributions Award, IEEE CS Services Computing 2017 Research Innovation Award, and Dallas Business Journal 2017 Women in Technology Award. She is a 2003 Fellow of the IEEE and the AAAS and a 2005 Fellow of the British Computer Society. She has published over 120 journal articles, 250 conference papers, 15 books, has delivered over 130 keynote and featured addresses, and is the inventor of six US patents. She has chaired/co-chaired top tier conferences including the Women in Cyber Security (WiCyS) 2016, ACM CCS 2017, and is serving as the Program co-Chair for IEEE ICDM 2018. She also delivered a featured address at the Women in Data Science (WiDS) conference in 2018. She received her PhD at the University of Wales, Swansea, UK, and the earned higher doctorate (D. Eng) from the University of Bristol, England, UK for her published research in secure data management.

The post talk: Big Data, Security and Privacy, 11am Wed 5/16 appeared first on Department of Computer Science and Electrical Engineering.

UMBC Cyber Defense Lab

SPARCLE: Practical Homomorphic Encryption

Russ Fink

Senior Scientist
Johns Hopkins University / Applied Physics Laboratory

12:00–1:00pm Friday, April 27, 2018, ITE 237, UMBC

In the newly coined Privacy Age, researchers are building systems with homomorphic algorithms that enable “never decrypt” operations on sensitive data in applications such as computational private information retrieval (cPIR). The trouble is, the leading algorithms incur significant computational and space challenges, relegating them mainly to large cloud computing platforms. We have invented a special-purpose, ring-homomorphic (aka, “fully homomorphic”) algorithm that, owing to some specializing assumptions, trades general-purpose cryptographic utility for linear performance in speed and space.

We will present the cryptosystem and discuss several current challenges. We will also throw in a fun, simple, tactile concept demonstration of PIR for those just generally curious about what all this is, hopefully demystifying how you can enable a server to search for something without knowing what it’s looking for, and without knowing what (if any) results it found.

Russ Fink (UMBC ’10) is a senior scientist at the Johns Hopkins University / Applied Physics Laboratory. His current research interests include private information retrieval, applied cryptography, and cyber security.

Host: Alan T. Sherman, *protected email*

The post talk: SPARCLE: Practical Homomorphic Encryption, 12pm Fri 4/27 appeared first on Department of Computer Science and Electrical Engineering.

SFS cyberdefense scholarship applications due April 27

The next application deadline for SFS cyberdefense scholarships to UMBC is 12noon Friday April 27, 2018, for possible scholarships beginning fall 2018. See www.cisa.umbc.edu for details and application forms.

These major scholarships include tuition, generous stipend, and more, in return for government employment. Applicants must have at least junior status in fall 2018. BS, MS, MPS, PhD in any cyber-related field may apply (CS, CE, EE, IS, Cyber). SFS applicants must be citizens or lawful permanent residents capable of obtaining a secret clearance at federal, state, local, or tribal government. The annual stipends are $22,500 undergraduate and $34,000 graduate.

These scholarships are highly competitive (e.g., the median GPA of current SFS scholars at UMBC is 3.8) and favor students who have excelled in upper-level technical courses and who have demonstrated a passion and talent for cybersecurity through relevant accomplishments. We will consider applications from rising juniors and above with GPA over 3.0. All SFS scholars at UMBC are expected to engage in cohort and research activities. For more information, see the SFS FAQ page.

Interested students should contact

Dr. Alan T. Sherman
Professor of Computer Science
Director, UMBC Center for Information Security and Assurance (CISA)
*protected email*

The post SFS cyberdefense scholarship applications due April 27 appeared first on Department of Computer Science and Electrical Engineering.