Safety in the cyber age
On the night of Oct. 7, 1996, early in the fall semester, hackers broke into the Mines network and gained access to more than 1,000 websites. Documents declassified in 2016 revealed that this attack—named Moonlight Maze—was part of a two-year campaign by Russia against the United States and is considered one of the earliest state-to-state cyberattacks ever.
Now, almost 25 years later, attacks such as WannaCry and, more recently, SolarWinds, are widely known. Cybersecurity is now a regular part of business operations everywhere, and with an increasing need for more people on the front lines of the digital fight, Mines is providing the next generation of highly trained experts.
“For every IT [information technology] leader in every organization, it’s a priority,” said Monique Sendze, chief information officer at Mines.
Higher education institutions are frequent targets, Sendze said, because of the nature of their work. And because Mines often works on groundbreaking projects in conjunction with government agencies or large companies, that research can be attractive to hackers.
The increased interconnectedness of society is providing more openings for hackers, Sendze said, so cybersecurity is a bigger issue now more than ever. “There are several shifts happening in technology, with a lot of advancement in tech, like artificial intelligence, open networks, the Internet of Things, for example. Everything is connected,” she explained. “We are creating more opportunities for increased cyberattacks.”
Because cybersecurity is becoming increasingly important—Sendze said that according to the Herjavec Group, a leader in cybersecurity operations, the estimated average cost of cyberattacks in 2021 will be a whopping $6 trillion, up from $3 trillion in 2015—professionals who want to work in the computer science field need to be prepared.
Certain student organizations at Mines, such as the Mines Cybersecurity Club and Women in Computer Science, give students the opportunity to work on real-life computer science challenges and create projects for their portfolio. And two different certificate programs—Mines Cyber Defense Certificate Program, which is offered through the Center for Cyber Security and Privacy at Mines, and the online Cybersecurity for Cyber-Physical Systems Graduate Certificate, offered through the Computer Science Department—provide opportunities for focused courses that prepare students for a career in cybersecurity.
With technology essential to the work being done at Mines, creating a secure space for research to flourish is important.
“What’s really challenging is that there’s a very delicate balance between the open and collaborative nature here at Mines and protecting against cyberattacks,” said Phillip Romig, former chief information security officer and current computer science professor at Mines. “We want our students to try new things, and we want faculty to do their cutting-edge research and work with colleagues around the world. Doing that while also protecting against well-funded, well-organized, highly motivated adversaries is what makes cybersecurity so hard sometimes.”
And with the COVID-19 pandemic, cybersecurity is especially important, with many people across the country working from home. Hackers are targeting not just organizational systems but also collaborative video meeting software such as Zoom and Microsoft Teams, Sendze said.
The best way protect against cyberattacks? Vigilance, cybersecurity awareness training and building defense systems and environments, Sendze said. “Once we come up with a new defense method, the criminals find new ways to attack. It’s a cycle that never ends. We have to continue to be on our toes.”