George Mason University
George Mason University Mason
George Mason University

Cyber Security News

Constant Vigilance Needed to Avoid Future Cyber Attacks

Two George Mason University professors say cyber attacks similar to the one that recently affected Europe, Asia and parts of the United States are likely to happen again if critical structures dependent on real-time data don’t constantly maintain their vigilance.

Massimiliano Albanese, associate director at George Mason’s Center for Secure Information Systems, and Jean-Pierre Auffret, associate director for Mason’s Center for Assurance Research and Engineering, worry that the sense of urgency will diminish as the memory of the most recent attack recedes.

“We don’t seem to be learning the lessons,” Albanese said. “Incidents keep happening.”

The “WannaCry” ransomware, believed to be the largest online extortion attack ever, according to the Associated Press, struck at least 100,000 organizations in 150 countries last week. Victims using several older Microsoft Windows versions, such as Windows XP and Windows 8, were forced to pay a ransom to unlock their networks and regain access to their data.

The United States was largely unscathed, as American companies typically update their systems more frequently and invest more in cybersecurity than do their counterparts from around the globe, Albanese said.

Microsoft in March made a patch available that could have prevented the malware from wresting control of so many companies.

“It’s a big risk for organizations that rely on information in real-time like hospitals,” Auffret said.

Companies should continue to update their systems, invest in cybersecurity and have extensive plans in place for back-up systems that would preserve their data in the event of another attack, both professors said.

How a Mason Grad Uncovered a Worldwide Data Swipe

Uncovering a data swipe, which mostly affects international customers and users of disposable or prepaid Android phones, took three weeks of 14-hour days, said Mason alum Ryan Johnson. The discovery, which Angelo Stavrou said was reported to the U.S. government, brought much publicity to Kryptowire, especially through online tech media. Johnson works at Kryptowire, a five-year-old company founded by Angelos Stavrou, director of George Mason University’s Center for Assurance Research and Engineering. The Fairfax, Va., company, which does mobile application security and analytics, employs 16 people, 14 of which are George Mason graduates including Johnson, 34, and Brian Schulte, 28, both of whom have master’s degrees in information security and assurance from Mason and are Kryptowire’s co-founders. Read the full story.


Mason Professor Says Virginia’s International Cybersecurity Outreach Is Unique

For Peggy Brouse, director of George Mason University’s Cyber Security Engineering Program, the problem of protecting critical infrastructures, both physical and online, from attack is “a huge problem.”

“It’s probably a lot more far-reaching than people think,” she said.

That is why Brouse is encouraged by the announcement that Virginia Gov. Terry McAuliffe is partnering with the Australian state of Victoria to share resources and information about cybersecurity.

Brouse, who has a PhD in information technology and engineering from George Mason, and is a former software engineer for the U.S. Army Information Systems Engineering Command, said she knows of no other U.S. state that has reached across international borders for such a partnership.

“By collaborating with friendly forces, we’re working together to try to combat this problem, which is a world problem,” Brouse said. “I believe [McAuliffe] thinks that by working together, it can be a mutually satisfying relationship. There’s strength in numbers.”

No details of the partnership are available, but Brouse said there certainly will be sharing of technical information and methodologies.

“In a broad way, it will be an outreach to people who have the same interests as we do,” Brouse said. “By reaching out to not only those in this country, but outside it, I think they’re trying to show our state is in a position to be one of the cybersecurity leaders. I am certain that is one of Gov. McAuliffe’s objectives.”

November 28, 2016

Volgenau's Innovative Cyber Security Program Prepares Students for Crucial Careers

George Mason University's Bachelor of Science in Cyber Security Engineering is one more example of Mason taking the lead, Sen. Mark Warner, D-Va., said at the program's official kickoff. "If you're in this program, you're very smart," Warner told students in the atrium of the Long and Kimmy Nguyen Engineering Building. "You will have careers for as long as you need them." Industry and the federal government are facing mission-critical skills gaps and looking to universities for solutions. From power grids to banks, cybersecurity needs to be integrated during the design process, not after. Mason's proximity to Washington, D.C., makes it a natural center of the cybersecurity hub, said Warner, who appointed Long Nguyen to Mason's Board of Visitors during his governorship. Read more about cyber careers

Engineering Undergrads School Young Students on Cybersecurity

Mason sophomore Jessica Miers of teaching a cyber class

“Just seeing their faces—I love watching that,” says Mason sophomore Jessica Miers of teaching a cyber class.

When George Mason University sophomore Jessica Miers sees the students she's instructing in Volgenau School of Engineering cybersecurity camps, she recalls her jarring first encounter with mentors in the cyber field. 

“I came into my cyber class thinking, ‘Oh, I’ve got this,' ” she says with a laugh. “’I know cybersecurity. I have a password on my computer. I have a firewall. Good to go. This class is going to be easy.’ ” 

When the instructor used easily accessible software to crack Miers’s “super complex” password in about 10 seconds, she discovered she didn't know as much about cybersecurity as she thought.

The Fairfax resident now pulls a similar eye-opening stunt for her students by showing them how easily she can access their supposedly deleted Snapchat photos. Read more about cyber classes


Mason Team to Partner with IBM on Research

A multidisciplinary team of George Mason University professors is partnering with IBM to research imminent advancements in the electric power industry, changes that will challenge cybersecurity for the more than 3,000 U.S. electric companies. IBM selected the multidisciplinary team, including representatives from the School of Management, the Volgenau School of Engineering, the Center for Infrastructure Protection and Homeland Security and the School of Public Policy, to receive a prestigious Shared University Research Award. The joint research team’s goal is to determine actions that companies can take in security, technology, policy, leadership and management of the grids and convey those findings to power and control system industries and their regulators. Read more about cyber security at electric companies


Volgenau School of Engineering Ranked Seventh Among Top U.S. Cybersecurity Schools

The Volgenau School of Engineering ranked as one of the nation's top 10 schools for cyber security courses and degree programs according to a Hewlett-Packard-sponsored survey of 1,958 certified Information Technology security professionals. Mason also received the second-greatest number of first-choice rankings from respondents. VSE programs got high marks for academic excellence and practical relevance. An accompanying report recognized contributions by the school's Center for Secure Information Systems, which was the first academic center in security in an American university. The center conducts broad spectrum research and development programs on information systems security, serves as a knowledge resource, develops courses, and provides technical support to industry and government. Read more about Volgenau's high ranking


Mitigating Risk on America's Rails: Researchers Test Solutions for Safer Trains

America's trains move approximately 45 percent of American commerce, and when a freight train derails, the consequences can spell disaster. To make railroads safer, Congress passed the U.S. Rail and Safety Improvement Act, which mandates safety improvement by instituting a system called Positive Train Control, or PTC. This system monitors a train's movements, speed, location, rail conditions, and other variables, through a wireless system and wayside equipment and constantly transmits vital data to the train, which reduces human error. There is, however, a trade-off with this technology. "One of the most pressing problems with trains today is security," said Duminda Wijeskera, professor in the Computer Science Department. "Traditionally, the nation used a signaling system that relied on rail workers being able to physically see the trains and the signal beacons." Read more about train safety research