A weekend ransomware attack that shut down dozens of TV channels owned by national media conglomerate Sinclair Broadcasting Corporation is just the latest in a wave of cyber- and ransomware attacks this year. FBI Director Chris Wray said cyber attacks were on the rise “almost exponentially,” with many targeting critical US infrastructure, such as when ransomware shut down the Colonial Pipeline in May. The increase in activity has led to the recent creation of the Joint Cyber Defense Collaboration, which includes Google and the FBI as well as other private and public agencies focused on fighting cybercrime.
Kyle Sferrazza, who will be completing his master’s in Cyber Security next year through Northeastern’s PlusOne Program, already has a seasoned perspective on cyber attack trends. He recently won first place in a cybersecurity competition organized by the US Department of Energy. He spoke to News @ Northeastern about emerging cybersecurity threats and the vulnerability of our government institutions.
Why have ransomware attacks increased so dramatically over the past two years?
The whole pandemic has moved pretty much everything online, and more and more companies from every industry imaginable have moved to the cloud and migrated that way. This means that there are a lot more targets online, and ransomware attackers can simply pulverize cyberspace and try to infect as many as they can. There are pre-built ransomware frameworks out there, and it’s so easy for an attacker to just grab one, type in their cryptocurrency address, and leave it on the internet for free.
How secure are the elements of America’s online infrastructure?
Much of our country’s critical infrastructure is made up of systems so complex that it is somehow impossible to completely secure them. The government, hospitals and everyone else do not have unlimited resources to devote to cybersecurity to ensure that it is 100% secure. Thus, much of the attention has recently been focused on improving resilience and prioritizing the infrastructure that is most vulnerable.
So how worried should we be?
These systems are much more vulnerable than they should be right now: the Colonial Pipeline CEO told the US Senate that hackers were able to gain access to their systems with a compromised one-time password. In an ideal world, this kind of large-scale compromise shouldn’t be possible by getting just one password. It is more important than ever that we put in place standard security controls over our critical infrastructure and key resources to help improve our nation’s resilience against cyber attacks.
How did you get interested in cybersecurity?
I think since I first used computers and clicked things as a kid, I wanted to see how it worked, break it down and see what it was made of. A lot of it is what cybersecurity is: finding loopholes and seeing how things are done in order to penetrate or secure them. So when I was a kid I was writing code to modify Minecraft, then I got interested in cybersecurity towards the end of high school.
What area are you most interested in when it comes to cybersecurity?
I’m very interested in the offensive side, so looking at vulnerabilities and creating exploits [pieces of code that find and exploit security vulnerabilities]. It’s about looking at bits on the network and somehow deciphering a special magic sequence that I can send that gives me control. At the same time, I now know how to prevent someone else from doing these things to my software.
How long have you been participating in the US Department of Energy cybersecurity competitions?
I started in 2019 with their CyberFirst competition, where you work with a team to defend a fictitious energy infrastructure that they are creating. I think the competitions do a great job of representing the types of vulnerabilities you might find in critical infrastructure across the country. These contests, especially right after the Colonial Pipeline, will hopefully get people thinking and interested in critical infrastructure and the protection of key resources.
What could be one of the next big cybercrime targets?
Something I have researched recently is cloud security. More and more organizations are putting all of their data in a cloud with Amazon, Microsoft, or Google, and often companies aren’t sure how to protect information. They’ve never done anything like this before, so maybe they’ve misconfigured something or forgotten some controls that make it difficult for attackers to access their cloud networks. Depending on how many customers this company has, this could be a huge breach.