High stakes: U.S. security industries work to combat cyberattacks

Great emphasis placed on intelligence analysis, ­characterization, prediction

By Gina Gallucci-White
BridgeTower Media Newswires
 
BALTIMORE, MD — For companies like the Bethesda, Maryland-based Lockheed Martin, the threat of a cyberattack calls for accelerated preparation.

Lockheed Martin is where military aircraft, including the F-16 fighter jet and the Black Hawk helicopter, are designed and manufactured. The company, which has 98,000 employees worldwide, also researches and develops products for space exploration, robotics, nanotechnology, energy management and cybersecurity.

This is the sort of work that makes a company a lightning rod for cyber terrorists.

“Lockheed Martin and other members of the Defense Industrial Base are frequent targets of adversaries from around the world,” Mike Panczenko, Lockheed’s Director of Cyber Engineering and Technology, said, adding that the company has made “significant investments in countering persistent threats.”

Today, everything in the defense and aerospace industries is network enabled, which means cybersecurity has to be part of everything the company does, he said. In addition, security threats against the U.S. government and the private sector are “becoming increasingly sophisticated and complex.”

Lockheed Martin’s computer specialists place a great emphasis on intelligence analysis, characterization and prediction to respond quickly to attacks, and even before that, to build resistance to them, he said. 

“If unusual activity is identified, we use a disciplined process to track the adversary, understand their motivation and secure our customer, program and employee personal data,” Panczenko said.  

Keeping the public safe

In October, the Maricopa Sheriff’s Department in Arizona arrested an 18-year-old man who posted a message on Twitter that, when clicked, continuously called 911, interrupting the service in areas of Arizona and at least 11 other states.

After that attack, the Department of Homeland Security encouraged 911 call centers to evaluate their risk at this time, a DHS spokesperson said. The agency has been referring public safety officials to the Alexandria, Virginia-based NENA for a best practices review to minimize risk in a denial of services attack.

“The advice we are giving 911 call centers at this time is related specifically to responding and mitigating the effects of the attack,” Trey Forgety, NENA’s director of government affairs, said.

There is “no way to directly influence attackers to not attack,” he said. But there are plenty of steps that 911 operators can take when an attack happens. If a caller unintentionally perpetrates an attack through a third party who has hijacked his or her phone, for example, operators can find out the make of the phone, the service provider and have the caller reboot his or her phone.

This kind of preparation doesn’t involve a lot of resources, which is good, Forgety said. Because 911 call centers have worked so well historically, state and local governments have become “complacent” about making cybersecurity resources available.

That is changing, though, Forgety said, in part because of a public safety cybersecurity conference held earlier this year in Columbus, Ohio, that brought together the tech types and politicians who oversee 911 centers.

“In public safety, we don’t like to talk about vulnerabilities,” he said, adding that now it is important to talk “long and loudly about the problem.”

Starting in the classroom

About 70 percent of the students enrolled in the University of Tulsa’s Cyber Corps program graduate to careers at the National Security Agency and Central Intelligence Agency. Others get positions at the Department of Defense, NASA and the FBI.

Dr. Sujeet Shenoi, the program’s director, said students earn those jobs by working with the government and Fortune 500 companies that allow the students, who range from freshmen to Ph.D candidates, to get real world experience on attacking and defending infrastructures, such as gas pipelines or 911 call centers.

“One thing I feel really strongly about is that you must have hands-on access,” Shenoi said.

In this field, in particular, there is only so much students can learn from books or lectures, he said.  They need to see the “complexities of a system,” and through practical lessons, try to “craft a solution that deals with the complexity.

“The students come away very well trained,” he said.

Shenoi would not comment on the companies the university works with and said that students selected for the Cyber Corps must have integrity and discretion. Like any employee with a security clearance, the students are trusted not to pass information to other entities without permission.

“Acquiring the trust so that my students and I can attack these systems has been the hardest (endeavor) in my entire life,” Shenoi said.

The results are worth it, though. To build a lab or the infrastructure needed to train students for these high security industries would cost billions of dollars, Shenoi said.

“If you aren't working on a realistic structure then you are not doing real science and engineering. It’s only a model,” he said.