Academics teach defense professionals new cybersecurity tactics

Cybersecurity experts are modifying training approaches for defense-community students and professionals to help them better prepare for anticipated future cyberattacks, said academic experts who are testing the new training. 

Professors at Champlain College, Vt., work through an alliance program call “truED” which partners with government agencies and corporations. The Office of Personnel Management has an agreement with Champlain to offer online graduate and undergraduate courses at a significant discount.

The students are primarily adult professionals at different points in their careers. They include many members of federal agencies. In total, there are as many as 3,000 federal employees enrolled in truED.

The courses are aimed at preparing current and future cyber professionals for wide range of potential cyber-attacks, such as malicious malware or viruses in networks, systems and data-bases. A leading information security expert says “phishing” attacks are likely to emerge as a frequent or chosen method of cyberattack.

“Ninety-percent of intrusions start with phishing attacks. This is where the vast majority of attacks are happening-- through emails designed to compromise systems with malicious software,” said Ric Messier, Cyber Security Program Director at Champlain College.

The problems the students are taking up, Messier added, pertain to broader cyber security trends and threats likely to receive large-scale and wide-ranging attention in coming years. 

Messier believes the training at Champlain brings far-reaching implications for cyber security across the entire government landscape.

 Messier emphasized that even though reasonably effective spam filters are in place, however when new viruses arrive it often takes time for filters to recognize a threat coming from a problematic source.

“Spam filters include complex algorithms to determine what is junk email so it will not be delivered. People need to have a better understanding of what those messages look like and how best to protect themselves,” Messier added.

However, filters may not be enough, as many of them can be penetrated. Improved knowledge of the types of questionable or risky emails is key to the preparation efforts.

So the courses focus on informing network users about the scope of potential risk. There is often a disconnect between understanding the actual risks and the solutions implemented to address them, he explained.

“There are ways to stop them if there is enough motivation to do the right thing with emails,” Messier said.

Properly understanding firewalls is a good example since users may have an unrealistic belief in their ability to detect and deter dangerous traffic.

Domain Keys Identified Email, is one important method of verifying that a particular message is legitimate and attached to a particular domain. Another approach, called Sender Policy Framework, also works to accurately identify and verify the person or server sending a message.

“If someone is opening emails with malware, somebody is opening the front door for the attacker,” Messier added.

Alongside concerns about “phishing,” Messier identified a number of expected threat areas also being emphasized in the training. The idea is to help bring people up to speed on what kinds of attacks are likely to occur, in order to better protect against them.

Stealing usernames and passwords, Messier explained, is a particularly insidious element of these kinds of attacks. As part of this concern, sites where something can be purchased often constitute a particular way for an attacker to glean personal information and store data.

“Cybersecurity is everyone’s problem,” Messier said.