Special Agents Michael Tunick and Jeff Williams of the cyber security division in Boston’s FBI office gave a security tech talk about digital security measures last Friday in the Integrated Learning Center. The talk, which was organized by UMass’s Information Technology Department, was attended by approximately 100 people.
Tunick and Williams, who worked respectively in computer security research and IT consulting before joining the FBI, spoke on the FBI’s cyber program, the latest trends in cyber security and employment opportunities relating to cyber security.
“Cyber security has been our top priority after terrorism and counter-intelligence since 2002,” Williams said.
Tunick described the FBI program mission as addressing and resolving complex computer intrusions on levels of national security, such as the protection and retrieval of government information, and criminal activity.
The agents said that the FBI also combats criminal computer security attacks that are usually financially motivated to protect individuals, businesses and industries in the U.S.
The FBI also takes up international incidents, said Tunic, adding that out of 64 special agents working with foreign embassies abroad, 13 of them focus on cyber security.
The talk also illustrated what kinds of targeted perpetrators exist within cyber security. Williams spoke of hacktivists such as Anonymous who challenge cyber security in the name of social and political causes, and hacker groups who skirt between what is legal and illegal.
Tunick also mentioned financially motivated criminals that target lucrative businesses and industries.
The FBI’s cyber security division also targets espionage cases, which comprise of nation state actors trying to obtain illegal information. The last category they spoke of was warfare, where groups use computer network operations to commit sabotage and disrupt critical systems.
“We work on the criminal squad and a little of espionage,” Tunick said.
Both agents cited the 2015 Verizon Data Breach Investigation Report, which involved 70 contributing organizations spanning over 61 different countries to provide increasing awareness on the prominence and cause of cyber security threats globally. The agents said that most cyber security incidents occur within the government and financial sector.
Out of 2,122 cases of confirmed data breach in the report the highest proportion, 29.4 percent was attributed to human error, said the agents.
The agents said that the root cause of data breaches is normally human decision-making. They added that if half of the employees in an organization get a phishing email, which attempts to steal sensitive information from users who open them, but just one person opens it, a lot of damage could occur.
“It costs on average $5.4 million per incident within companies and takes 123 days to resolve,” Williams said.
They also discussed the current trends in cyber security threats. Tunick described how an unauthorized intruder can create a fake UMass domain like UMA5S.EDU, making it look like a higher authority through email to expose sensitive information. It especially exerts pressure on people who handle wire transfers, the electronic transfer of funds from different entities, to send money.
The agents said that this can be also applied to the business and university setting where, with the increasing utility of professional networks like LinkedIn, much professional information exists.
The agents said that another current trend are bot net attacks, which aim to maliciously steal data through the unauthorized control and exploitation of a network of private computers with infected malware.
In addition, within the video-gaming culture, gamers are constantly under threat from other players online, the agents said. They said it is frequent to encounter Distributed Denial of Service attacks on IP addresses when gamers enter into a conflict and seek retribution. There are also reports of increased trash talk online.
They said that another prominent trend is swatting, where gamers deceive an emergency service into dispatching an emergency response, like a SWAT team, for a false emergency incident to where another gamer is located, putting the gamer in serious danger.
The special agents provided suggestions for the creation of a safer online environment within the university by stressing the education of users on different threats. They said it is easier for students to post a problem to social media than go to the university help desk, which creates the need to resort to social media to create awareness of technology issues around campus.
They also suggested that students not ignore important software updates for antivirus software and firewalls, as well as using complex passwords.
The agents also encouraged people to know the infrastructure and administrative rights within the school network and what kinds of devices are connected to it, and keeping tabs on flash bulletins which report bad activity in the internet posted on infragard.org for prevention and security.
Tanaya M. Asnani can be reached at [email protected].