Tip sheet: Finding elusive ISIS cyberattackers is no simple program

From power grids to banks, computer network vulnerabilities are numerous and the attackers can be elusive, especially if they’re ISIS and not geographically contained.

It’s part of the reason why the six-year-old U.S. Cyber Command has a tough job as it targets ISIS, said Massimiliano Albanese, information sciences and technology professor, associate director of the Center for Secure Information Systems and co-director of Laboratory for IT Entrepreneurship (LITE) at George Mason University.

Cyber Command, the military counterpart to the National Security Agency, recently added ISIS to its list of cyberattack targets. Cyber Command has focused on China, Russia, Iran and North Korea because many cyberattacks on the United States originate from those countries. The United States is actively working to keep the Islamic State from recruiting new devotees and promoting its mission, while also defending U.S. computer networks.

Defending against cyberattacks means guarding every entry point, but the attackers only need one weak spot to get into the network, Albanese said. Albanese and his team are working on defenses that turn critical systems into tough-to-catch moving targets for attackers.

“It’s an arms race between the defenders and the attackers,” he said. “It’s like a game. The current situation tends to favor the attacker.”

And any network can be an inroad to a larger system, Albanese pointed out. For instance, watching movies may seem like a good way to pass the time on a long flight, but those entertainment systems also could be a pathway into the airplane’s computer system for the Islamic State.

Computer hacking is suspected to be the cause of the 2014 crash of Malaysia Airlines Flight 370 that killed 239.

“We are worried about knives and other weapons on planes,” Albanese said. “We are putting all this technology on board planes and cars, but we are not thinking of someone cyber-hacking by plugging into the entertainment center.”

Computer systems in cars are another vulnerability that could be exploited by terrorists. “Just plug into a port—there is no security, no encryption to protect you,” Albanese said.

Computer network attacks can be highly effective in severely curtailing a country’s capabilities. A malicious computer worm was behind the disruption of Iran’s nuclear capabilities in 2012.

“Nobody suspected anything was wrong until the moment when the engine actually crashed,” Albanese said about Iran’s nuclear derailment.

Massimiliano Albanese is an information sciences and technology professor, associate director of the Center for Secure Information Systems and co-director of Laboratory for IT Entrepreneurship (LITE). He can discuss computer and network security. He can be contacted at malbanes@gmu.edu or 703-993-1629.

For more assistance, please contact Michele McDonald at 703-993-8781 or mmcdon15@gmu.edu.

About George Mason

George Mason University is Virginia’s largest public research university. Located near Washington, D.C., Mason enrolls more than 34,000 students from 130 countries and all 50 states. Mason has grown rapidly over the past half-century and is recognized for its innovation and entrepreneurship, remarkable diversity and commitment to accessibility.