In an effort to strengthen the cyber defense and cyber resilience measures within information technology systems, government and industry partners are increasingly turning to ethical hackers and incorporating bug bounty programs, which offer rewards for uncovered vulnerabilities. Bug Bounty Programs are “incentivized, results-focused programs that encourage security researchers to report security issues to the sponsoring…
Series: The CSIAC Podcast
The CSIAC Podcast features discussions with Subject Matter Experts on emerging topics in the fields of cybersecurity, modeling and simulation, software engineering and knowledge management. One-on-one and round-table discussions are held to provide insight into highly technical topics and increase user awareness.
Cybersecurity Supply Chain Risk Management (C-SCRM)
Supply chain attacks, also referred to as value-chain or third-party attacks, occur when hackers are able to infiltrate a system using loopholes in third-party logistics providers. These types of high-value cyber-attacks, designed to disrupt operations, pose an increasingly significant risk to military equipment through the proliferation of counterfeit electronic components, which have the potential to…
5 Best Practices for Software Security
As Software becomes more complex, it is critical to incorporate security from the very inception of the system rather than an afterthought. With the rapid shifts in technology and increasingly sophisticated threats, cybersecurity considerations are a critical factor, expressly for systems utilizing decades-old software applications, still operational due to specific mission criticalities. These highly complex…
Authenticating Devices in Fog Multi-Access Computing Environments through a Wireless Grid Resource Sharing Protocol
The rapid growth of the Internet of Things (IoT), cloud computing, Fog computing, multi-access Edge computing and wireless grids has resulted in the widespread deployment of relatively immature technology. These technologies, which will primarily use fifth-generation (5G) wireless communication networks, are becoming popular because they can be deployed quickly with little infrastructure and lend themselves…
Security-Conscious Password Behavior from the End-User’s Perspective
Even though technical solutions for security problems are widespread, there are no adequate security measures against precarious user behavior. Even if hashing and encrypting are used correctly in masking the passwords, attackers can bypass these strongpoints by going for the weakest link. Most likely this will happen through sharing a password, using an already leaked password, or creating an feasibly guessable password (Olmstead & Smith, 2017). Furthermore, people seem to feel safe in cyberspace, even if they engage in risky behaviors (Vozmediano, San-Juan, Vergara & Lenneis, 2013).
VPNFilter Router Attack
In late May 2018, security researchers announced that specific consumer-grade electronic devices had been infected by a type of malware referred to as the VPNFilter. Only a couple of days after this information was disclosed, several agencies of the United States Government issued a warning to users of these compromised devices, strongly advising them of specific…
TrickBot
Cybercriminals have developed many methods to exploit browser applications in order to obtain individual’s credentials. One such method, Emotet is a Trojan malware that targets windows-based computers and was originally designed to steal sensitive, private information from banking customers. Later versions of this software were modified to enable Emotet to be spread via spam emails.…
Data Manipulation
What is data manipulation? A misconception is that hackers always steal data, but this assumption is incorrect. Data manipulation attacks occur when an adversary does not take data, but instead makes subtle, stealthy tweaks to data for some type of gain or effect. These subtle modifications of data could be as crippling to organizations as…
Reducing Your Digital Footprint
Every activity a person carries out on the Internet leaves behind a trail of data commonly known as a digital footprint. The information left behind can have real-world consequences. As such it is essential that users understand how their digital footprint is created, the magnitude of that digital trail, and the steps they can take…
5th Generation (5G) Technology
The 5th generation (5G) of wireless technology will soon be available with the launching of 5G wireless networks along with compatible cellular technologies. 5G is built on the 802.11ac Institute of Electrical and Electronics Engineers (IEEE) wireless networking standard. Speeds are anywhere from 10x to 100x faster than 4G. CSIAC discusses this further along with the impacts of IoT and mobile devices that 5G will or may cause.
