Sunday, July 18, 2021 from 3:45-5:15 p.m. PST.
The research computing enterprise is concerned with a myriad of cybersecurity threats. To better understand what professionals in academic centers were worried about in 2020, a high-level analysis of cybersecurity risk-related themes was identified by scientists and research computing practitioners surveyed by the Trustworthy Data Working Group (TDWG). Their report was published in December, 2020.
TDWG was a collaborative effort of NSF Trusted CI; the four NSF Big Data Innovation Hubs, the NSF CI CoE Pilot; the Ostrom Workshop on Data Management and Information Governance; NSF Engagement and Performance Operations Center; the Indiana Geological and Water Survey; the Open Storage Network; and others. The working group’s goal was to understand scientific data security concerns, and to provide guidance on ensuring the trustworthiness of data.
Chief among the list of top 16 concerns—identified by 44 survey respondents—was Impact on Scientific Results (bad or wrong conclusions), followed by reputational risk/harm (27); integrity of scientific process (18); trust in science/combatting misinformation and public trust (in an election year; 15); and others—near the bottom of the list of 16 were compliance-related concerns (4); and threats from insiders, theft or surveillance (only one survey respondent indicated that they were concerned by this).
But the landscape changes rapidly. In 2021, compliance and security specialists at institutions with large medical complexes have become increasingly concerned about ransomware. While it isn’t new, the targets and methodologies used by those who kidnap data and systems have changed, and the average cost per incident increased dramatically in 2020.
As reported by Comparitech, 600 U.S. clinics and hospitals were victims (via 92 ransomware attacks) at a cost of nearly $21 billion in 2020, alone. Health data can be held for ransom and sold to third-parties, and then all individuals whose data are breached have reason to litigate; it’s the crime that keeps paying for the perpetrator, and never seems to go away for those who are victimized. Elevated risk and cost ensure that the problem receives more attention by campus legal and security professionals whose job it is to safeguard health data and institutional assets. To make their headaches even worse, teaching hospitals and clinics whose research teams engaged in COVID research were more heavily targeted in 2020. Public announcements about COVID-related research grants became reasons for bad actors to turn their attention to these facilities.
The bigger the crime, and higher the cost to society, and the more likely that one or more federal policing agencies will get involved. Most attacks against high performance computing (HPC) resources aren’t intended to capture data; criminals attempt to harness unguarded computational power for all sorts of bad reasons. But if a system is hijacked for use in an international crime, the center that manages the vulnerable system could become embroiled in an investigation and criminal case; they might even face liability.
Cyber warfare refers to the use of digital attacks by one country to disrupt the vital computer systems of another with the intention of causing damage, death and/or destruction; and sometimes exploited systems reside on university campuses. When it comes to power grids, the water supply, defense installations and community services, both offensive and defensive maneuvers are underway in every country; none are exempt. Bad actors can exploit everything from our HPC all the way down to our mobile phones and Internet of Things (IoT) devices.
Criminal networks run like a business and turn billions of dollars for their syndicate, making use of cyberinfrastructure and skilled IT personnel alike. They invest in research and development intended to undo whatever technology is put in place to protect academic, government, commercial and private assets. There are well-funded, and well-staffed criminal organizations that conduct hacking and a range of other e-services for hire, or they sell tools that can be used for crime. When the attack affects tools used by a large number of public and private organizations, the process of discovery and mitigation is tedious and can take many months. For example, we have yet to discover the total impact to society caused by the SolarWinds software supply-chain attack which began sometime in March 2020, and went undetected until December 8, 2020.
So how do we protect ourselves and our assets?
We need a larger workforce of well-intentioned cybersecurity professionals to safeguard our systems, data, devices and utilities.
_____________________
Cybersecurity Careers Panel Format:
This panel features cybersecurity experts from a range of public and private organizations who work diligently to protect us against cybersecurity threats. Each moderator and panelist will have 10 minutes to share their career ‘arc’ and how others might prepare for the range of cybersecurity careers they represent.
Following the presentations, we will use the balance of our 90-minute program for Q&A. The audience is encouraged to ask panelists questions about their work, career path, and careers within the organizations they serve, or have served in the past.
Due to the sensitive nature of investigations, panelists will not answer questions relating to crimes that are currently under investigation.
Panelists
Anita Nikolich is a Research Scientist and Director of Research Innovation at the iSchool at UIUC. She served as Cybersecurity Program Director at the National Science Foundation (NSF), and has spent time in academia, industry and government. She is the co-organizer of the DEFCON AI Village and is a member of the ARIN Advisory Committee.
Elham Tabassi is the Chief of Staff in the Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST). ITL, one of six research Laboratories within NIST, supports NIST’s mission, to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life. ITL conducts fundamental and applied research in computer science and engineering, mathematics, and statistics that cultivates trust in information technology and metrology by developing and disseminating standards, measurements, and testing for interoperability, security, usability, and reliability of information systems. As a scientist she has been working on various computer vision research projects with applications in biometrics evaluation and standards since 1999. She leads the NIST Trustworthy AI program. She is the principal architect of NIST Fingerprint Image Quality (NFIQ) which is now an international standard for measuring fingerprint image quality and has been deployed in many large scale biometric applications worldwide. She received the Department of Commerce Gold Medal in 2003, the Department of Commerce Bronze Medal in 2007, and 2010, ANSI’s 2012 Next Generation Award, the Women in Biometrics Award in 2016, and the Washington Academy of Sciences 2020 Excellence in Computer Science award. She is a recipient of 2021 Fed100 award, a senior member of IEEE, and a member of AAAI.
Jim Basney, Trusted CI. Jim is the deputy director of Trusted CI, the NSF Cybersecurity Center of Excellence, and is a principal research scientist in the cybersecurity group at the National Center for Supercomputing Applications at the University of Illinois. Jim received his PhD in computer sciences from the University of Wisconsin-Madison in 2001. Jim can speak about his career arc from graduate student studying high throughput computing to academic professional working for the past 20 years to help secure NSF research cyberinfrastructure. For over 10 years, Jim led the MyProxy credential management software project, which was cited as a “clear success story for sustained software” in the report from the 2009 NSF-funded Workshop on Cyberinfrastructure Software Sustainability and Reusability (https://hdl.handle.net/2022/6701). Jim also leads the CILogon project, which has been providing identity and access management services to cyberinfrastructure projects since 2010. While at the University of Illinois, Jim has been PI or co-PI on 14 NSF, DOE, and DHS funded projects.
Philip E. Frigm, Jr., Federal Bureau of Investigation (FBI), Section Chief of Cyber Technical Analytics & Operations Section for the FBI’s Cyber Division (CyD). Philip joined the FBI in 2005 and was assigned to the Newark office where he investigated various violations, including Italian Organized Crime. A year later, he started focusing on investigating criminal and national security computer intrusion cases. In 2010, he was promoted to FBI Headquarters as Supervisory Special Agent in CyD’s National Security Section. In January 2018, he was selected as Assistant Special Agent in Charge for the FBI’s Buffalo Field Office where he managed both the National Security and Intel Branches until his promotion in June 2019 to his current role at FBI Headquarters. Mr. Frigm oversees the FBI CyD’s technical programs, including oversight of the Cyber Action Team; forensics and reverse engineering programs; tactical and strategic technical intelligence programs; and the creation and use of custom applications and tools, all dedicated to help the FBI impose risk and consequence on cyber adversaries. Prior to working for the FBI, he worked in varying IT administration and management positions and obtained a Master of Science in Information Technology from Rochester Institute of Technology focusing on telecommunications policy and multimedia development.
Bryson Bort, SCYTHE. Bryson is the Founder of SCYTHE, a start-up building a next generation attack emulation platform, and GRIMM, a cybersecurity consultancy, and Co-Founder of the ICS Village, a non-profit advancing awareness of industrial control system security. He is a Senior Fellow for Cybersecurity and National Security at R Street and the National Security Institute and an Advisor to the Army Cyber Institute. As a U.S. Army Officer, he served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom before leaving the Army as a Captain. He was recognized as one of the Top 50 in Cyber in 2020 by Business Insider. Bryson can speak about his career trajectory before forming GRIMM and SCYTHE, and how his team found itself in the national spotlight when experts were needed to shed light on SolarWinds. He will briefly describe the timeline, and ongoing efforts by a range of public and private agencies, to identify and mitigate related issues.
Starter questions:
Dr. Nikolich, Tell us about DEFCON AI Village!Ms. Tabassi, Please explain measurement science, and how it is used in the field of cybersecurity. What academic path would prepare someone for a career with NIST?
Dr. Basney, how many malicious attempts do bad actors make against NSF federated CI every day, on average? How many cybersecurity specialists work for NSF-funded CI projects?
Agent Frigm, as an undergrad at Penn State University majoring in History and Medieval Studies, had you considered that your career would take a technical turn? At what point did you pursue cybersecurity; did someone, or an event, influence this decision?
Mr. Bort, by starting out at West Point, through completing your MBA at the University of Florida, it seems that you heard your calling in life at an early age. At what point did you decide to become an entrepreneur and what influenced that decision?
Panel facilitator/author:
Elizabeth Leake, (STEM-Trek Nonprofit). PEARC21 Student Program Co-Chair.