{"id":114527,"date":"2016-07-18T10:37:28","date_gmt":"2016-07-18T14:37:28","guid":{"rendered":"https:\/\/today.uconn.edu\/?p=114527"},"modified":"2016-07-18T16:06:38","modified_gmt":"2016-07-18T20:06:38","slug":"black-hats-cyber-bots-zombies","status":"publish","type":"post","link":"https:\/\/today.uconn.edu\/2016\/07\/black-hats-cyber-bots-zombies\/","title":{"rendered":"Black Hats, Cyber Bots, Zombies, and You"},"content":{"rendered":"<p><strong>Cyberattacks come in all shapes and sizes. <\/strong>Experts say it could be only a matter of time before they pose a real threat to our daily lives. The electronic devices in our world today are interconnected like never before. Our cars are no longer machines, but rolling PCs with different components constantly talking to one another. Our watches are phones. Our phones are high-speed computers. And with all this increased convenience comes greater vulnerability. In the constant rush to get new products to market, security can be an afterthought.<\/p>\n<figure id=\"attachment_114537\" aria-describedby=\"caption-attachment-114537\" style=\"width: 375px\" class=\"wp-caption alignleft\"><a href=\"https:\/\/today.uconn.edu\/wp-content\/uploads\/2016\/07\/UConn_Key_CT-06-e1468851403485.jpg\"><img decoding=\"async\" class=\"wp-image-114537 img-responsive lazyload\" data-src=\"https:\/\/today.uconn.edu\/wp-content\/uploads\/2016\/07\/UConn_Key_CT-06-791x1024.jpg\" alt=\"Illustration by Hoodzpah Design Co.\" width=\"375\" height=\"485\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 375px; --smush-placeholder-aspect-ratio: 375\/485;\" \/><\/a><figcaption id=\"caption-attachment-114537\" class=\"wp-caption-text\">Illustration by Hoodzpah Design Co.<\/figcaption><\/figure>\n<p>Fortunately, a crack team of cybersecurity specialists at UConn \u2013 led by John Chandy, an electrical and computer engineering professor, and Laurent Michel, an associate professor of computer science and engineering \u2013 is working to protect our information. The Comcast Center of Excellence for Security Innovation is advancing research to strengthen the nation\u2019s electronic information networks and training a new generation of hardware, software, and network security engineers to protect the integrity of everything from small consumer electronics to the complex computer systems running our major industrial, financial, and transportation systems.<\/p>\n<p>Secured behind passcode-protected entry doors, the Comcast lab is embedded deep inside one of UConn\u2019s main academic buildings. Getting there can be an adventure.<\/p>\n<p>If you visit the lab via the building\u2019s main door, you must go down a set of stairs, along a long hallway to the rear of the building, then it\u2019s a quick left, quick right, another left, up a ramp, through some fire doors, past the locked doors of several large humming mechanical rooms, another right, another left, yet another right, and finally a quick left and you are there. Or you might be. It\u2019s hard to be sure, because there is absolutely no indication of where the lab is on any of the directional office signs. Even next to the lab\u2019s main door there is only a small 9- by 6-inch plaque in letters slightly larger than what you are reading here.<\/p>\n<aside class=\"grey-sidebar full-sidebar\">\n  <strong>Lisa wasn\u2019t looking forward to<\/strong> the confrontation. Her aging mother, bedridden with various ailments and dependent on care, was really angry this time. For months she had suspected Sarah, her live-in nurse, was stealing her money. And now, the latest bank statement confirmed it. On top of it all, Sarah always seemed to be on her iPad when her mother needed her. The chest pains were back. The small automatic defibrillator under her mother\u2019s skin activated twice in the past two months. The stress wasn\u2019t good.<br \/>\nLisa enters the house. She eyes Sarah, who is standing, her back to her, at the kitchen counter \u2013 again, on her computer. Lisa walks into her mother\u2019s room, careful to speak softly so their conversation won\u2019t be overheard. Within a few minutes, Lisa notices her mother\u2019s color start to change. She seems to have trouble breathing. Sweat builds on her upper lip. She tells Lisa she feels strange, like her heart is racing out of control. The device in her chest keeps vibrating, sending sharp shocks into her heart muscles. The shocks are getting stronger. Her mother cries out in pain. Lisa calls frantically for Sarah. No response. Her mother goes limp.<br \/>\nBack in the kitchen, Sarah quietly shuts down her iPad and walks toward the bedroom.<br \/>\n<strong>FBI Alert Number I-091015-PSA:<\/strong><br \/>\nInternet of things poses opportunities for cyber crime<br \/>\n<em>\u201ccriminals can gain access to unprotected devices used in home health care, such as those used to collect and transmit personal monitoring data or time-dispense medicines\u201d<\/em><\/aside>\n<p><strong>White Hat Hackers<\/strong><\/p>\n<p>Talk to Michel or Chandy for a few minutes and you begin to get a sense of what life is like in their world of electronic espionage. And if you leave feeling a little paranoid, well, that\u2019s to be expected.<\/p>\n<p>Michel will tell you that the world is filled with hackers and malicious machines known as zombies, or computer bots, which hackers have seized via remote control and without their owners\u2019 knowledge or permission. Those machines are constantly scouring the Internet trying to steal information from your, my, and everyone else\u2019s computers. From the moment you open your laptop and connect to the Internet, your computer is likely getting assaulted by malicious attacks, Michel says. If your computer\u2019s security is good and you keep current with all the latest security updates, chances are you\u2019re successfully fending off most of them \u2026 for now. But hackers are a relentless and mischievous bunch. All it takes is one click on a bogus email, one click on an infected website, and the black hat hackers are in.<\/p>\n<p>The good news is that amid the piles of green motherboards, electrical wiring, testing equipment, and computer consoles, Chandy, Michel, and a team of about a half-dozen very talented graduate and undergraduate students are playing the role of said hackers. Here, however, they are the good guys. Michel likes to describe the team as \u201cethical hackers,\u201d white hats probing ever deeper into the Comcast Center\u2019s hardware and computing systems to expose potential vulnerabilities.<\/p>\n<figure id=\"attachment_114544\" aria-describedby=\"caption-attachment-114544\" style=\"width: 375px\" class=\"wp-caption alignright\"><a href=\"https:\/\/today.uconn.edu\/wp-content\/uploads\/2016\/07\/ct_CyberSecurity_edits-03-e1468851567113.jpg\"><img decoding=\"async\" class=\"wp-image-114544 img-responsive lazyload\" data-src=\"https:\/\/today.uconn.edu\/wp-content\/uploads\/2016\/07\/ct_CyberSecurity_edits-03-791x1024.jpg\" alt=\"Illustration by Hoodzpah Design Co.\" width=\"375\" height=\"485\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 375px; --smush-placeholder-aspect-ratio: 375\/485;\" \/><\/a><figcaption id=\"caption-attachment-114544\" class=\"wp-caption-text\">Illustration by Hoodzpah Design Co.<\/figcaption><\/figure>\n<p>The battle between the white hats and the black hats is constant. Cybersecurity is an ever-shifting landscape as new technologies, system updates, viruses, worms, and attack strategies emerge on the Internet.<\/p>\n<p>\u201cJohn and I are constantly on the lookout for what\u2019s happening,\u201d says Michel. \u201cWhat are the new vulnerabilities? What are the latest attacks? To do this properly, you have to be like a surfer. You have to be on top of the wave, not behind it. You have to keep moving and always stay a little bit ahead.\u201d<\/p>\n<p>If the lab is successful at breaking into a system, that\u2019s a good thing. Exposing a vulnerability in the lab gives vendors the opportunity to correct a problem before a product goes to market or to fix a problem if the product is already in circulation.<\/p>\n<p>If the research team fails to get into a system, well, that\u2019s okay too. That means the system\u2019s designers are on top of their game and did a great job protecting the system\u2019s integrity and locking it tight.<\/p>\n<p>Since it opened, Chandy says the lab has made significant discoveries that helped vendors and saved consumers considerable headache. But because of the often secretive nature of the lab\u2019s work and its basis in security, the limelight of commercial success doesn\u2019t always extend to the lab\u2019s cubicles and workbenches.<\/p>\n<p>When students find a potential vulnerability in a system, the lab immediately notifies the vendor or system provider so the weakness can be addressed. A lot of times, news of the discovery stops there. Chandy recounts a time when he and other lab members heard of a significant system vulnerability being discussed at a national cybersecurity conference. It sounded familiar. Chandy turned to his colleagues and whispered, \u201cDidn\u2019t we find that months ago?\u201d Such is the nature of the business.<\/p>\n<p>\u201cThe lab we have here is pretty unique for a university,\u201d says Chandy. \u201cA lot of times, the way we get into these systems is not necessarily through back doors. I would call them testing and debugging phases.<\/p>\n<p>\u201cOne of the things a vendor wants to do when they release these systems is they want to test it\u201d he adds, \u201cso they leave the interfaces open so we can do just that.\u201d<\/p>\n<aside class=\"grey-sidebar full-sidebar\">\n  <strong>It\u2019s finals week and Tom<\/strong>, a UConn senior, is crazed. He has three tests in two days. His car loan is due. His student loan payment is due. His roommate is an all-day partier who never gives him a moment\u2019s rest back at the dorm. Desperate for a quiet place to work, Tom heads to a library off campus. It\u2019s one of his favorite places to study, and it offers free Wi-Fi. He throws down his backpack and pulls out his laptop. Finally. Peace. He logs on. The laptop immediately attaches to the library\u2019s wireless connection. Tom calls up his bank, logs in to his checking account, and makes a quick loan payment for his car. Done. Now the student loan. He logs in to the loan service, accesses his account. Paid. Done.<br \/>\nIn a study carrel in another part of the library, Tina, a bright young lady with a gift for computing and a keen resentment for all of the preppy college kids in town, has set up an alternate Wi-Fi base on her laptop. Her network identifies itself by the same name as the library\u2019s network and is coded to override it. Library visitors\u2019 laptops recognize the familiar Wi-Fi and automatically connect. All of their information \u2013 the sites they visit, their logins, their passwords, their emails, their Facebook posts \u2013 are now funneling through Tina\u2019s bogus network and straight to her hard drive. She sits back and smiles. Tina has bills to pay too. And Tom\u2019s information was just what she was waiting for.<br \/>\n<strong>FBI Alert Number I-091015-PSA:<\/strong><br \/>\nInternet of Things poses opportunities for cyber crime<br \/>\n<em>\u201cdevices with default passwords or open Wi-Fi connections are an easy target for cyber actors to exploit\u201d<\/em><\/aside>\n<p><strong>The Internet of Things <\/strong><br \/>\nSome of the latest technology on the market involves what Chandy calls the Internet of Things. People used to have a personal computer that did one job. A watch that did another. A phone that had its uses, and a TV or thermostat with separate functions. Now, with the Internet of Things, all of those devices are capable of interacting and talking to one another. You can turn up your home thermostat from work using your smart phone. You can check your email on your watch and pay your bills through your TV.<\/p>\n<p>But with all that convenience and interconnectivity comes increased vulnerability. Keeping your information safe on all those different platforms is this team\u2019s task.<\/p>\n<p>\u201cWe\u2019re mainly looking at things from a hardware level, those devices that are going out in the field and whether they are properly protected. We try to come up with scenarios that make sense from an attacker\u2019s perspective,\u201d says Chandy. \u201cWe take on the role of the hacker because if we can do it, that means a hacker can do it, too.\u201d<\/p>\n<aside class=\"grey-sidebar floating-sidebar col-xs-12 col-sm-4\">\n  <strong>CSI Cyber \u2013 UConn<\/strong><br \/>\nMore than 20 faculty members and more than 100 graduate students in the schools of Engineering and Business are conducting research through the Connecticut Cybersecurity Center at UConn. They are examining cryptography and cryptanalysis; data security and privacy; information fusion and data mining for Homeland Security; and trustable computing systems.<br \/>\nThe academic research building that houses the Comcast Center of Excellence for Security Innovation houses two other major cybersecurity labs. The Center for Hardware Assurance, Security, and Engineering (CHASE) contains some of the most advanced equipment available to conduct security analysis on nanoelectronics. Its research focuses on counterfeit device detection and preserving the integrity of silicon microchips, the very cornerstones of the worldwide computer industry. The building also is home to the Center for Voting Technology Research (VoTeR Center), which investigates new technologies to ensure the integrity of the electronic voting process.<\/aside>\n<p>As an academic lab, the Comcast Center is also a place of learning. The testing that is done here is not a matter of repetitive trial-and-error assaults, but a more deliberative, targeted, scientific process.<\/p>\n<p>\u201cThink of it like a game of Clue,\u201d says Michel. \u201cIt\u2019s not like we try something just to find out if it works or not. As we attempt an attack, we gather evidence along the way. That evidence may betray something about the platform, the device, the software that we are trying to test. Once we have that information, we regroup and discuss what we have learned and its implications, and then we try to develop more experiments and high-end scenarios so we can learn more. So it\u2019s not like we have this dictionary of 20 different attacks and we try them all sequentially. It\u2019s a much more principled approach.\u201d<\/p>\n<p>The students working in the lab operate in silence. A young woman types away intently on her keyboard. A bearded student in a New York Giants T-shirt sighs heavily, steps away from his computer for a brief break, then returns. Focused. Once again engrossed with the task before him at his work station. Two sage green walls in the rear of the lab are covered with black ink diagrams and hastily scrawled text.<\/p>\n<p>An eviscerated teddy bear sits on a desktop.<\/p>\n<p>\u201cStress relief, John?\u201d a visitor asks, pointing to the multicolored wires ripped out of the bear\u2019s abdomen.<\/p>\n<p>\u201cSide project,\u201d Chandy answers with a sly grin. Then he explains that even a children\u2019s toy as innocuous as a teddy bear can be a personal security threat. In this case, the interactive bear has a small computer inside that Chandy\u2019s lab found lacked authentication protection. It could be hacked, potentially exposing the owner\u2019s and other bear owners\u2019 personal information with a few strokes of cyber sleight-of-hand.<\/p>\n<p>\u201cThe students here are developing skills that none of them had a year ago,\u201d says Chandy. \u201cThe skills they are developing would make them great hackers. But it is also making them great engineers.\u201d<\/p>\n<aside class=\"grey-sidebar full-sidebar\">\n  <\/p>\n<p><figure id=\"attachment_114541\" aria-describedby=\"caption-attachment-114541\" style=\"width: 300px\" class=\"wp-caption alignleft\"><a href=\"https:\/\/today.uconn.edu\/wp-content\/uploads\/2016\/07\/ct_CyberSecurity_Car-02-e1468851424726.jpg\"><img decoding=\"async\" class=\"wp-image-114541 img-responsive lazyload\" data-src=\"https:\/\/today.uconn.edu\/wp-content\/uploads\/2016\/07\/ct_CyberSecurity_Car-02-767x1024.jpg\" alt=\"Illustration by Hoodzpah Design Co.\" width=\"300\" height=\"400\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" style=\"--smush-placeholder-width: 300px; --smush-placeholder-aspect-ratio: 300\/400;\" \/><\/a><figcaption id=\"caption-attachment-114541\" class=\"wp-caption-text\">Illustration by Hoodzpah Design Co.<\/figcaption><\/figure><\/p>\n<p><strong>Megan is driving her new sedan <\/strong>to the mall to get her nails done before heading to work at the deli down the road. She decides she has time for a coffee and heads for her regular caffeine spot, where barista Tim likes to flirt with her by writing funny names on her cup. Never just \u201cMegan.\u201d<br \/>\nShe waits for the oncoming traffic to clear and turns left into the plaza. But the car keeps going straight. She spins the steering wheel. Nothing. Pumps the brakes. Nothing. The car accelerates toward the next intersection, while Megan continues pumping the brakes wildly. Nothing.<br \/>\nShe\u2019s about to collide with a black pickup truck covered in skull decals, when the car slams to a stop. The light turns green. Traffic moves forward. With her foot pushing the brake pedal to the floor as hard as she can, Megan\u2019s car rockets forward. Two towns away, Brian leans back in his ergonomic desk chair, grinning at the wall full of screens depicting moving cars \u2013 including Megan\u2019s.<br \/>\n<strong> FBI Alert Number I-031716-PSA:<\/strong><br \/>\nMotor Vehicles are Increasingly Vulnerable to Remote Exploits<br \/>\n<em>\u201cresearchers could gain significant control over vehicle functions remotely by exploiting wireless communications vulnerabilities\u201d<\/em><\/aside>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>UConn&#8217;s Cybersecurity Lab is beating computer hackers at their own game.<\/p>\n","protected":false},"author":12,"featured_media":114543,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_crdt_document":"","wds_primary_category":0,"wds_primary_series":0,"wds_primary_attribution":0,"footnotes":""},"categories":[1866,2076,2225],"tags":[],"magazine-issues":[],"coauthors":[1928],"class_list":["post-114527","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-engr","category-research","category-uconn-storrs"],"pp_statuses_selecting_workflow":false,"pp_workflow_action":"current","pp_status_selection":"publish","acf":[],"publishpress_future_action":{"enabled":false,"date":"2026-05-10 06:21:30","action":"change-status","newStatus":"draft","terms":[],"taxonomy":"category","extraData":[]},"publishpress_future_workflow_manual_trigger":{"enabledWorkflows":[]},"_links":{"self":[{"href":"https:\/\/today.uconn.edu\/wp-rest\/wp\/v2\/posts\/114527","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/today.uconn.edu\/wp-rest\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/today.uconn.edu\/wp-rest\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/today.uconn.edu\/wp-rest\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/today.uconn.edu\/wp-rest\/wp\/v2\/comments?post=114527"}],"version-history":[{"count":8,"href":"https:\/\/today.uconn.edu\/wp-rest\/wp\/v2\/posts\/114527\/revisions"}],"predecessor-version":[{"id":114550,"href":"https:\/\/today.uconn.edu\/wp-rest\/wp\/v2\/posts\/114527\/revisions\/114550"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/today.uconn.edu\/wp-rest\/wp\/v2\/media\/114543"}],"wp:attachment":[{"href":"https:\/\/today.uconn.edu\/wp-rest\/wp\/v2\/media?parent=114527"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/today.uconn.edu\/wp-rest\/wp\/v2\/categories?post=114527"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/today.uconn.edu\/wp-rest\/wp\/v2\/tags?post=114527"},{"taxonomy":"magazine-issue","embeddable":true,"href":"https:\/\/today.uconn.edu\/wp-rest\/wp\/v2\/magazine-issues?post=114527"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/today.uconn.edu\/wp-rest\/wp\/v2\/coauthors?post=114527"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}