CERIAS - Center for Education and Research in Information Assurance and Security

Skip Navigation
CERIAS Logo
Purdue University - Discovery Park
Center for Education and Research in Information Assurance and Security

News: CERIAS Media Citings

Why Law Enforcement Can’t Stop Hackers

Tue, November 15, 2011CERIAS Media Citings

The threat that criminal hackers pose to corporate and government information systems has spiked in the past five years, according to the FBI, and shows no signs of abating. The worst part: Law enforcement is virtually powerless in cracking down on cybercrime. CIO.com investigates the challenges law enforcement officials face in investigating and prosecuting hackers.

Cybersecurity Requires a Multifaceted Approach

Wed, November 02, 2011CERIAS Media Citings

Eugene Spafford, a professor at Purdue University and founder and executive director of the Center for Education and Research in Information Assurance and Security, said the real problem is the belief that flawed systems can be secured retroactively, either by add-ons or by compelling users to act in ways they are not used to.
Even if agencies have policies to provide training, they are often too specific or too ambiguous, he said. For example, take the “don’t open any suspicious e-mails” approach. What exactly constitutes a suspicious e-mail message? Many of the social engineering attacks occurring today are designed to not look suspicious, Spafford said.
“The approach that’s currently been taken is sort of the equivalent of telling employees, ‘when you come to work, don’t open any square blue boxes.’ But then someone sends in square red boxes, and they all get taken,” he said.
The federal government’s efforts to transition to cloud-based services and technologies could also mean more security problems, he suggested. Following trends or big pushes to save money often mean that security issues fall lower on the priority ladder.
“That’s partly why we have vulnerable systems today, because the idea was, ‘we’ll buy whatever is the cheapest thing on the market’ to save money rather than actually thinking through building a strong, secure infrastructure,” Spafford said.

Spafford to Give Keynote Address at Anti-Phishing Conference

Wed, November 02, 2011CERIAS Media Citings

Some of the security industry’s biggest minds will gather Nov. 7-9 at San Diego for a conference dripping with acronyms, computer jargon and geek-speak. The conference is the jamboree of APWG — Anti-Phishing Working Group to those not initiated into the mysteries of cybercrime terminology. A keynote address by Eugene H. Spafford, professor of computer sciences at Purdue University, will review new technologies and systems being used to protect Internet works and data resources.

Purdue Difference Maker: Professor David Ebert

Tue, October 11, 2011CERIAS Media Citings

As director of VACCINE, a Department of Homeland Security Center of Excellence, David Ebert’s goal is to help our nation’s 2.3 million extended homeland security personnel, including first-responders, perform their jobs more effectively by turning mass amounts of data into manageable information.

Obama Establishes Insider Threat Task Force

Mon, October 10, 2011CERIAS Media Citings

President Obama issued an executive order Friday that establishes an Insider Threat Task Force to prevent potentially damaging and embarrassing exposure of government secrets, such those made public by WikiLeaks.
Eugene Spafford, executive director of Purdue University’s Center for Education and Research in Information Assurance and Security, said the president’s action was long overdue. “Why haven’t they been doing this already?” asked Spafford, who has testified before Congress on IT security matters. “This is at least 10 years too late, if not 20.”

Internet Risks Will Drive Users Offline, Researcher Predicts

Wed, October 05, 2011CERIAS Media Citings

A focus on securing legacy IT architectures rather than on developing secure technology has created an untrustworthy environment that eventually will drive users offline, said Purdue University professor Eugene Spafford.

Watson Co-Authors Facebook Security Guide Watson Co-Authors Facebook Security Guide

Fri, August 19, 2011CERIAS Media Citings

Keith Watson, a Research Engineer with CERIAS, recently co-authored a new publication about Facebook security.

A Guide to Facebook Security” (PDF) is a free, 20-page pamphlet geared primarily toward teens, their parents, and teachers. Co-written with fellow security expert Linda McCarthy and teacher/editor Denise Weldon-Siviy, it is available to view and download from Facebook.

Get Your Degree with CERIAS