Training a Modern Crime Fighter

Published on April 10, 2019

Into the Breach: Colleges and Universities Train a New Type of Crime Fighter

In the digital age, when our entire lives are stored on databases and servers, the internet is the new Wild West. With a little time and ingenuity, cyber criminals can access endless amounts of personal data for political reasons, corporate espionage, blackmail or the sheer voyeuristic thrill of it, or to monetize the ill-gotten data in any number of ways.

It’s not alarmist to say that no one's information is safe — not the largest corporations with the strictest security protocols or blue-collar individuals who just want to browse social media in peace.

For every Equifax data breach that compromises the personal data of 145 million people, there are thousands of people phished online with a simple bogus email. Hacks vary in scale, sophistication and impact, but the hackers almost always have the same goal — to access data that doesn’t belong to them for their own nefarious purposes. In this Wild West, there are far too few sheriffs.

“Starting around 2005, there have been more and more large cybersecurity breaches, and these breaches have been happening more and more frequently,” said Dr. Shuangteng Zhang, a professor in EKU’s Computer Science Department. “This has resulted in a large demand for cybersecurity professionals so the affected industries can protect their systems from those attacks.”

In other words, there is a shortage of cybersecurity professionals to prepare for and respond to the ever-present threat. Zhang is one of two EKU faculty members who — along with administrators and faculty at colleges all across the country — are trying to change that, by developing digital forensics and cybersecurity programs to train the next wave of good guys.

“Today, every industry uses and heavily relies on the internet to do business. Information such as banking data, customer information and patient profiles is stored and accessed online...” Zhang said. “Every enterprise or organization, no matter how small or large, needs trained and skillful professionals to secure their systems and protect the information stored on them.”

Cybercrime is defined, loosely, as any crime that involves the use of an electronic device connected to a digital network. That includes data theft and identity theft, but also includes stalking, child exploitation, terrorism, election meddling and more. Devices such as computers, smartphones and servers may either be the tool with which the crime is committed or the target of the crime. In short, there are a wide range of illicit activities that fall under the umbrella.

While the terms “cybercrime” and “cybersecurity” have gained widespread use in the last decade or so, instances of malware and data theft date back almost to the beginning of the internet itself, becoming visible in the late 1980s and early 1990s, as adoption of the internet began growing at a rapid pace. Every new advance in functionality leads to a new, more sophisticated breed of cybercriminal.

For example, in 1988, a Cornell University student released the Morris worm, a self-propagating program that spread through a collection of about 60,000 computers networked together primarily at universities and government facilities — an early version of the internet. The malware was intended, according to the creator, as an experiment to test network security and highlight vulnerabilities, not to cause damage. However, the processing power required to run the program caused many computer systems to slow to a crawl, leading to an estimated hundreds of thousands of dollars in lost productivity and repairs.

With the rise of email came spamming and phishing, methods with which hackers could employ a variety of psychological techniques to convince people to open malicious attachments or voluntarily type in personal data. One of the earliest widespread email attacks was the Melissa Virus, which spread to thousands of computers within just a few hours in 1999.

The email tricked users into opening an attachment that essentially hijacked the victim’s Microsoft Outlook contacts list, sending the same email to 50 more recipients. The resulting network slowdowns cost companies an estimated $80 million.

As WiFi became widely available, hackers were quick to learn ways to exploit that as well. The most significant breach occurred in the mid- to late 2000s, when a hacker collective managed to steal the credit and debit card information of more than 140 million shoppers by breaching the point-of-sale at retail stores. One of the methods used to carry out the attacks was “wardriving,” the practice of driving around scanning for unsecured retail WiFi networks vulnerable to hacking.

Today, the hottest tech trend is artificial intelligence and machine learning — methods of automating workflow highly valued by corporations — and already hackers are co-opting innovation in this field.

“Today’s cybercriminals use automatic tools to scan the internet for targets and launch the attacks,” Zhang said. “It is very difficult to match the speed and scale with which the criminals launch the attacks using traditional cyber defense methods.”

With AI and machine learning knowledge, cybersecurity professionals can truly set themselves apart in the job market by demonstrating the ability to implement new ways to automatically detect attacks and defend networked systems. Yet, data shows companies are willing to pay top dollar to hire tech team members with even the most basic cybersecurity skills.

“Within a company or organization, cybersecurity is typically a job function of the IT department,” Zhang said. “The professionals performing this job responsibility are required to have specific training beyond the training a system or network administrator usually receives.”

That’s the positive — those who stand to benefit from the rise in cybercrime, aside from the criminals themselves, are honest techies looking for a secure, meaningful career.

Estimates vary on the scope of the job shortage, but by all accounts, it’s significant. The ISACA, a nonprofit information security advocacy group, estimates a global shortage of more than 2 million cybersecurity professionals. Every year in the U.S., 40,000 jobs for information security analysts go unfilled, and employers are struggling to fill 200,000 other cybersecurity-related roles, according to CyberSeek. The job-hunting service Indeed reports that for every 10 cybersecurity job ads that appear, only seven people even click on one, let alone apply.

Additional job openings exist in digital forensics. While cybersecurity is preventive in nature, digital forensics is the process of recovering and preserving digital data after an incident occurs, data that can be used as evidence in criminal cases and other investigations. Digital forensics investigators typically work as a function of law enforcement and often help solve traditional crimes as well. For example, they may uncover text messages on a confiscated cell phone that points to drug activity or analyze the “black box” of a car involved in a fatal collision.

EKU professor Ka-Wing Wong, Zhang’s contemporary who is spearheading efforts to grow EKU’s security-related course offerings, recently helped negotiate a partnership with the Kentucky State Police to open a satellite digital forensics laboratory on campus. The partnership will provide hands-on experience to students, while simultaneously lightening the workload for investigators, which is incredibly heavy. At a news conference announcing the opening of the facility, police called it a win-win, not only for the justice system, but for KSP’s ranks as well.

“It enables us to identify some people that we would like to hire,” KSP Lt. Col. Jeff Medley said at the news conference. “And boy do we need them. We need all the people we can get.”

EKU’s course offerings in digital forensics and cybersecurity, like technology, are continually evolving. Originally introduced as a computer security concentration in 2009, and later switched to focus primarily on digital forensics, the program made its latest transformation just last year. In 2018, the University approved the creation of a bachelor’s degree in digital forensics and cybersecurity, which gives equal weight to both possible career paths. This and programs like it across the country open doors of opportunity for students who then close them for cybercriminals.

“Any enterprise or organization that stores sensitive information online will need cybersecurity professionals,” Zhang said. “Such enterprises or organizations include financial companies, insurance companies, hospitals, retail stores, manufacturers, tech companies, universities, government agencies and so on. There is no limit to where graduates can go.”

Learn more at go.eku.edu/KSPLab