With a warning of “malicious cyber activity” hitting the industry, Sandia National Laboratory’s Cyber Engineering Research Laboratory (CERL) formally opened last month.
Prior to the opening the FBI and the Department of Homeland Security issued that warning, which joined a growing flood of news releases from major businesses and large institutions acknowledging their websites suffered hack attacks and compromised data.
U.S. Sen. Tom Udall, D-NM, mentioned Winston Churchill’s book “While England Slept,” which in 1938 criticized the English government’s lack of preparation against the threat from Nazi Germany.
“Cyberthreat is not one of guns and tanks but we need to take it seriously. … The threat is real to … our water systems, oil pipelines, hospital systems … and we should bring justice to those who would do us harm. CERL is a crucial part of our defenses,” Udall said.
Activities at CERL — located in the Sandia Science & Technology Park — should unite computing expertise from across Sandia Labs with that of universities and businesses to develop long-term solutions against the increasingly serious challenges posed by hackers and cybercriminals to individuals, business and government.
U.S. Rep. Ben Ray Lujan, D-NM, who stressed partnerships between businesses and New Mexico’s national labs, Sandia and Los Alamos, said, “Personal information taken and used in some way, from an ATM machine or anywhere else, can allow someone from around the world to get into something personal (of a U.S. citizen).”
Albuquerque Mayor Richard Berry said the takeover of four TV stations by attackers who jokingly advertised “the zombie apocalypse” was not funny in what it said about communications security.
“Our cybersecurity needs will not recede in time but only get greater as data complexity gets greater. … There is no scientific silver bullet,” said Dimitri Kusnezov, chief scientist and director of the Office of Science and Policy at the National Nuclear Security Administration. The key is to train our people to be more aware, smarter, building in as many safeguards as we can, co-developed with technology. Centers like this can forward these steps,” he said.
Sandia President and Labs Director Paul Hommert spoke in support of Kusnezov’s comprehensive approach to move security forward: Better training, improved search algorithms, another level of equipment.
“(Cybercrime) can’t be tackled alone,” Hommert said. “The public and private worlds must combine efforts to work as a team.”
He mentioned Sandia’s Center for Cyberdefenders student internship program, which has honed the skills of more than 300 students in the past decade in an effort to develop the next generation of cyber workers.
CERL projects are more complex than what the public may imagine to be a James Bond-style response to strike back immediately at cyber adversaries.
One project improves and tests algorithms to prevent adversaries from penetrating emails or damaging websites. The effort involves a kind of electronic topographical map that charts entry points and paths of a large number of emails within a system to recognize anomalies — messages that stand out because of their oddness.
In another, the brainwaves of students wearing electroencephalograph caps (the same as used in hospitals and gaming) map to build a library of what success looks like in handling particular cyber tasks. The idea is to cut in half the time needed to train a cyber security professional — by some estimates, about five years.
Students from colleges and high schools also compete in virtual cyber exercises to solve enough digital clues to catch an imaginary “bad guy” molesting the economic well-being of a large coffee company.