Campus News Science & Technology Society & Culture

UGA is cyber ready to help state fight hacker attacks

Roberto Perdisci is a founding member of UGA's Institute of Cybersecurity and Privacy. (Photo by Peter Frey/UGA)

New center is dedicated to battling cybercrime.

Cybercrime takes one of our society’s great strengths—the Internet—and exploits its weaknesses. The threat seems inescapable, no matter where you are.

In 2017, a cyberattack forced the cancellation of thousands of medical operations and appointments at hospitals in the United Kingdom, a blackout in Ukraine was traced to malicious software, and Uber disclosed that hackers had breached a database with personal information of more than 57 million drivers and users. It hit closer home this March when cybercriminals held the City of Atlanta’s municipal network for ransom.

And that doesn’t even include the thousands of attempts per day to steal information and money through people’s personal devices.

According to government estimates, cyberattacks cost the U.S. economy between $50-$100 billion a year, and threats from cyberterrorism could put lives at risk. That’s why advancing cybersecurity is one of the University of Georgia’s great commitments.

In 2016, the university pooled its strengths in this field and formed the Institute of Cybersecurity and Privacy (ICSP), housed in the Franklin College of Arts and Sciences and part of the Georgia Informatics Institutes. The following year, the university was named a National Center of Academic Excellence in Cyber Defense Research, a designation that underscores the role UGA plays in strengthening America’s cyber defense capabilities. The institute’s research is funded by the National Science Foundation, U.S. Air Force, Department of Homeland Security, and several corporations.

“The University of Georgia is making great strides and is doing things very systematically to increase our cybersecurity research and engagement with the community, with the federal government, and internally,” says Kyle Johnsen, director of the Georgia Informatics Institutes and an associate professor of engineering.

Three Ways UGA is Tackling Cybersecurity Challenges

1. Looking for long-term solutions through research

Perhaps what makes cybercrime feel so threatening is that few of us understand how it works, much less how to fix it. But beneath all of the jargon about coding, viruses, and hacking, the concept is really nothing new.

Kang Li is the director of the Institute of Cybersecurity and Privacy. (Photo by Peter Frey/UGA)

“In the old days, you had people robbing banks,” says Kang Li, director of ICSP. “Now the way to steal money is from people’s electronic accounts or from the Bitcoin wallet.”

Cybercrime will never go away completely, says Roberto Perdisci, associate professor of computer science and ICSP member, but it can be mitigated. Security experts must anticipate how cyber criminals quickly adjust their tactics as technology evolves. Research universities like UGA are key to staying ahead of the most harmful attacks.

“Our goals are longer term,” says Perdisci, who has developed new tools in network security.

Typical antivirus software scans downloaded files and then determines whether they are malicious based on the file’s behavior. But Perdisci says malware developers are getting craftier at hiding the harmful elements from security scans.

Perdisci’s software, named AMICO, takes a different approach. It uses machine learning tools to examine the network activity of thousands of individual users and pinpoint downloads from suspicious sources. If AMICO finds a problem—say a download from a website that has only recently registered—network security is alerted.

Designed for large open networks, AMICO is now being used by UGA to help protect its robust network; the University of Alabama at Birmingham is using it too. Meanwhile, Perdisci is exploring whether AMICO could be adapted for small corporate networks or other industry uses.

Read more about how Robert Perdisci is battling cybercrime on our Great Commitments website.

2. Preparing the next generation of developers

While ICSP faculty are developing new ideas to combat cybercrime, they’re also teaching the next generation of programmers to create a more secure cyberspace. That’s important, Li says, because the demand for security-savvy professionals currently exceeds the supply.

“One reason we have so many problems in cyberspace is that computer scientists don’t know how to write a secure code,” Li says. “We need to improve that.”

Sometimes the best way to figure out if a program is secure is to try to break it.

Kevin Warrick is a doctoral student in computer science. (Photo by Peter Frey/UGA)

The challenge of breaking, repairing, and fixing programs is what drew Kevin Warrick BS ’11 into cybersecurity. As an undergrad, Warrick (now a computer science doctoral student at UGA) took Li’s computer science security course: a semester-long competition in which classmates jockey for the most points in security challenges. These challenges include finding bugs, fixing problems, or battling classmates in capture the flag (in which teams try to hack and break opponents’ programming while protecting their own).

“You’re learning something new every time,” Warrick says. “You want to be the first to solve a challenge and get more points.”

Li says the games teach students how to create defensive code and pinpoint vulnerabilities. “I’m a believer that if you want to succeed in cybersecurity, you need to get your hands dirty. If you want to train students to work in the cybersecurity field, you have to get them to work on the real thing.” He used this approach in developing security courses for the National Science Foundation.

3. Sharing information with the community

If multinational corporations and federal agencies with extensive resources fall victim to cybercrime, then what chance does anyone else have? And where can people turn for direction?

For the state, UGA is taking steps to play a leading role in creating a security-savvy public.

Kyle Johnsen is director of the Georgia Informatics Institutes. (Photo by Peter Frey/UGA)

“I think people are looking to the University of Georgia for guidance into how to protect themselves,” says Johnsen, who, along with other UGA faculty, is working hard to help local governments and small businesses in Georgia bolster their defenses. The newest and most ambitious of these programs is CyberArch.

Organized through UGA Public Service and Outreach (PSO), CyberArch is being piloted to share customized cybersecurity resources with Georgia communities. Already, UGA PSO units, such as the Small Business Development Center, the Carl Vinson Institute of Government, and the UGA Center for Continuing Education, offer help with cybersecurity. But CyberArch is taking it further by tailoring information to individual community needs.

“We want the communities to tell us what their issues are, and we’ll help facilitate getting the right information to them,” says Paul Brooks, associate vice president for UGA Public Service and Outreach.

Hart County and Griffin/Spalding County (participants in UGA’s Archway Partnership) are the first communities to pilot the program. In late 2016 and early 2017, outreach and cybersecurity representatives from UGA, including Johnsen, Li, and Warrick, met with community leaders in local businesses, law enforcement, education, and government to begin talking about those needs. Now, UGA experts are working on ways to offer solutions. It’s just the first step in equipping citizens to face the challenges of cybercrime.

Two Easy Steps Everyone Can Take to be More Cyber Ready

No one piece of technology is going to solve the issues of cybersecurity, says Kyle Johnsen, director of the Georgia Informatics Institutes. Instead, consumers need to make a habit of being more secure with their computers and devices, just like they take the time to lock the front door in the morning.

  1. Allow the updates that your phone and computer operating systems ask you to download. They’re not just offering new features; often, they’re plugging gaps in your device’s security.
  2. Use different passwords on every site. If your main password is exposed, then all of the other sites are exposed as well. If you have trouble remembering all of your passwords (and who among us doesn’t?) use one of the password management services available for download.

This story originally appeared in the Summer 2018 issue of Georgia Magazine with the title, Cyber Ready.