News: CERIAS Media Citings
Experts say investigations into cybercrime are complicated, and that police are probably making progress that isn’t readily apparent.
“So long as you don’t have someone very sophisticated doing it, they are likely to get caught,” said Professor Eugene H. Spafford, who studies cybersecurity at Purdue University.
Congratulations to CERIAS-affiliated professors Dongyan Xu and Xiangyu Zhang whose research “Toward vetted sensing and control system firmware and software” project is being supported by the U.S. Navy.
CipherCloud’s Dr. Chenxi Wang interviewed Dr. Eugene Spafford, the executive director of CERIAS center, Purdue University. Below is a summary of the interview conversation.
Eugene Spafford, the executive director of Purdue’s Center for Education and Research in Information Assurance and Security, says in the case of Anthem and others, the costs and dangers are hidden. “The personal information they listed can represent a problem for people for years to come,” he said. “That’s information that can be used for identity theft, extortion and to gain people’s trust. So, it really is a big problem, even if medical or credit card information is not given out. The company providing a year or two of credit monitoring won’t fix that.”
The study shows that when we think we have privacy when our data is collected, it’s really just an “illusion,” said Eugene Spafford, director of Purdue University’s Center for Education and Research in Information Assurance and Security. Spafford, who wasn’t part of the study, said it makes “one wonder what our expectation of privacy should be anymore.”
“If the government wanted to do something about this, I would suspect they would do something more targeted toward the leadership rather than just shutting down the network,” said Eugene Spafford, a professor of information security at Purdue University. “Teenagers with botnets regularly shut down networks.”
Targeting the financial assets of North Korean leaders (rather than the country’s Internet equipment) would be much more closely aligned with President Obama’s warning of a “proportional response” — and something the White House could accomplish that nameless hacktivists probably couldn’t on their own, Spafford added.
Though not schooled in IT and IT security, cyber is an area of interest for Carter in which he has been involved in for many years. “He knows enough about [cyber] that he likely knows when he should call on domain experts for more information, something not all of our national leaders have done,” says Gene Spafford, founder and executive director of the Center for Education and Research in Information Assurance and Security at Purdue University.
When will we reach the tipping point? Spafford has this to offer, “If we keep patching, the system will collapse under the weight of all those patches.”