Fordham Notes: ICCS

Friday, February 28, 2014

White House Selects Fordham for Cybersecurity Rollout


As co-host to the International Conference on Cyber Security (ICCS) with the FBI, Fordham has an established presence in the intelligence community. Now, Fordham has been selected by the White House as one of three New York City universities to be part of a national rollout of an executive order that calls for a framework to reduce the nation’s cyber risk.

Titled “Reducing the Nation’s Cyber Risk: White House Insights on the President’s Critical Infrastructure Framework,” the event will feature a panel discussion and keynote address from White House Director for Cybersecurity Critical Infrastructure Protection Samara Moore.

The School of Professional and Continuing Studies (PCS) and the Computer and Information Sciences Department will host the event on Tuesday, March 11 at both the Lincoln Center and Westchester campuses. Similar events will take place at Columbia and New York Universities.

“It fits perfectly with Fordham’s cybersecurity interests,” said Isabelle Frank, Ph.D., dean of PCS. “There's a track record here.”

Among the panelists will be Fordham's Frank Hsu, Ph.D., Clavius Distinguished Professor of Science and professor of computer and information science. Other panelists include:

  • Jon Boyens, senior advisor, information security, Information Technology Laboratory, National Institute of Standards and Technology (NIST), U.S. Department of Commerce
  • Bob Kolasky, director of strategy and policy, U.S. Department of Homeland Security
  • Doug Wylie, director, Product Security Risk Management, Rockwell Automation
  • David J. Youssef, cyber incident investigator, Citigroup; teaching fellow, Department of Computer and Information Sciences

The panel will be moderated by Michael Coden, vice president of the New York Section of ISA99 Cyber Security Standard Working Group and vice president at NextNine.

Coden said the discussion will address how President Obama's new cyber security framework will affect nearly all industries, including energy, finance, healthcare, communications, transportation, water, chemicals, IT, defense, manufacturing, and nuclear weaponry.

“And lawyers,” said Coden. “This will be big business for the legal profession.”

Tuesday, March 11th

Westchester Campus
8 – 11:30 a.m.
Rooms 228-230

Lincoln Center Campus
1:30 – 4:30 p.m.
12th-floor Lounge
E. Gerald Corrigan Conference Center

-Tom Stoelker

Thursday, August 8, 2013

Simulation Showcases New Technique for Cyberwars

Cyber warfare is in many ways similar to traditional warfare in that there are techniques one can practice in “war games” to gauge whether you are prepared against your enemies.

At a breakout session on day two of ICCS2013, Kristin E. Heckman, D.Sc., lead scientist at McLean, Va.-based MITRE Corporation, and Frank J. Stech, Ph.D., principal investigator for MITRE, described a simulation they conducted in January 2012 that tested a new technique for defense: Denial and Deception.

The concept behind “St. Louis Experiment II” was to utilize a new program dubbed Blackjack to detect when a team of hackers infiltrated the target (C2 Mission System). Instead of kicking them out, it redirected the hackers to another server and rewrote, in real time, the content they were seeing—mimicking the Trojan Horse concept where hackers think they are getting something they aren’t.

“This is an enormous task, dynamically rewriting the content based on policy, and doing it in real time, and trying to ensure there are no time delays or any other issues with delivery,” Heckman said.

The test pitted teams from a fictional Republic of New England against the Republic of Virginia, with Washington D.C. stuck in the middle of what was dubbed the “Borderlands.” 

The results, which the team published as “Active Cyber Network Defense with Denial and Deception” in the journal Computers & Security, were mixed.

Even though Blackjack was unsuccessful because hackers were able to infiltrate the target undetected and therefore saw content being altered, Heckman said the Denial and Deception concept is still very promising. 

And the other side, said Heckman, believed they had a “double agent,” which was not true and which “we could have used to our benefit.”


—Patrick Verel

Internet Content Delivery Exec Details Security Techniques for Web

When you visit your local bank’s website, the chances are very good that what you are seeing is not hosted on the bank’s computer servers. 

Rather, what you’re seeing is most likely stored on one of a thousand different servers around the world that are maintained by Cambridge, Mass.-based Akamai Technologies.

Only when you try to, say, transfer funds from one account to another will you be directed to the bank’s server. But even then, you are only interacting with it via a proxy server that is also maintained by Akamai, which maintains 127,000 servers in 81 countries around the world.

That, said Bruce Maggs, Ph.D., is an example of how the company’s perimeter cloud computing design helps ward off distributed denial of service (D.D.O.S.) attacks. 

Maggs, the Pelham Wilder Professor of Computer Science at Duke University and Vice President of Research at Akamai Technologies, described Akamai’s role in protecting computer systems at the 2013 International Conference on Cyber Security (ICCS), hosted by Fordham and the Federal Bureau of Investigation.

He used his talk on Tuesday, "The Big Target: Content Delivery Networks Under Cyber Attack," to walk through case studies of four phases of “Operation Ababil,” a series of cyber attacks against American financial institutions that started in September 2012.

The goal of having such a decentralized design is to make it harder for D.D.O.S. attacks, which subject target servers to a torrent of data requests, to take down the entire system, while legitimate queries are redirected to unaffected servers. Maggs noted that for this reason, Akamai is entrusted to host the websites for the FBI and the White House.

It’s important to have systems such as these in place, he pointed out, because the number of major D.D.O.S. attacks (those over 100 gigabits) is rising, with a record 768 incidents last year.

“You can cause multi server disruptions for a small number of users, but you would really need a tremendous number of attackers to take out a fraction of our servers at once,” he noted. 

“In fact, it’s our belief that if anyone had enough fire power to bring a large number of servers down through denial of service attacks, at that point, they would have melted down the whole internet anyway, and there would be bigger problems than breaking down Akamai.”


—Patrick Verel

Wednesday, August 7, 2013

Pair of ICCS Speakers Call for Coordinated Cyber Security


Melissa Hathaway
In back-to-back talks on Aug. 7 at Fordham’s Lincoln Center campus, Melissa Hathaway of Hathaway Global Strategies and Sandra Stanar-Johnson of the National Security Agency called for coordinated efforts to combat cyber terrorism. 

"When we’re talking about cyber security, it’s not the United States versus the world and it's not the private sector versus the public sector," Hathaway said. 

Their talks were part of day two of the 2013 International Conference on Cyber Security (ICCS), hosted by Fordham and the Federal Bureau of Investigation.

Hathaway added that since there are more devices in the U.S. than there are people, almost every aspect of daily life is affected by technology. This will only increase, she said, as everything from medical files to drinking water relies on some form of digital infrastructure.

As technology evolves, innate tensions are becoming more pronounced, such as the need for information sharing versus data protection, or freedom of expression versus political stability. 

"Along with the changes, we're seeing the challenges of democracy," she said. "People are using the Internet to overthrow governments." 

Sandra Stanar-Johnson
Hathaway said that while leaders wrestle with complex problems, they will also be called upon to translate the issues into everyday language.

"We have to be able to describe the problem to my mother and my son," she said. 

The risks are too huge not to face the problem, she said, with the U.S. already losing $300 billion annually to intellectual property theft. She added that 10 percent of American children under the age of 18 have already had their social security number stolen. She cited the example of one 16-year-old who cannot get a college loan because cyber theft marred his credit and put him $750,000 in debt. 

"I would argue that all of us are victims," she said. "But enough complaining, we need heroes." 

Stanar-Johnson concurred with several of Hathaway's key points, and also called for a "unity of effort" not just among nations, but among government agencies as well. She cited Tuesday's talk by Ed Stroz, who said that an organization's approach to security often relies on its culture.

Stanar-Johnson said that even cohesive organizations like the FBI or the NSA have a diversity of cultures within their organizations. To that end she cited the Comprehensive National Cybersecurity Initiative (CNCI) as a presidential directive that merges cybersecurity efforts between and within agencies. 

Stanar-Johnson, who worked on developing the CNCI, also stressed the importance of having a clear communicator at the top. Though she had very limited expertise in the technology, she said she was chosen by NSA director General Keith Alexander because of her communication skills.

"What they needed from me was to speak English," she said. "I don’t speak cyber or even sub-cyber, but the challenge was to de-cluster that language."
-Tom Stoelker

ICCS Breakout Session Dissects Russian "Mule" Network


The term “mule” is often used to describe a criminal who carries illegal drugs on their person across an international border. But in an ICCS breakout session, Mauro Vignati described how the United States Postal Service, as well as several unwitting Americans just looking for work, are being exploited by Russian organized crime as mules to ship stolen goods to Russia. Vignati is a senior analyst with the Reporting and Analysis Centre for Information Assurance in Bern, Switzerland.

Vignati loosely described a cross-continent saga that begins with a criminal injecting himself into a product website; that person is referred to as an ‘injector.’ Then a ‘dumper,’ usually the same person as the ‘injector,’ collects personal data of website customers. Finally, a ‘stuffer’ uses the stolen information to buy products.

But herein lies a dilemma for the thieves: “How do the crooks get products stolen in the United States back to Russia without being detected?” Enter the recruiters. They hire the "mules," who will purchase package labels from dubious companies with ties to Russian criminals, often thinking it's a legitimate job.  The recruiters go so far as to create familiar job applications that include requests for three references, to make the companies seem legit to the mules. But not all the mules are naive. The mules break down into two groups: the unsuspecting job seeker and the knowing criminal--and both are used to transport stolen goods.

Vignati described how a 'panel' of mules print the labels and send the stolen products to Russia, typically through a United States Postal Service online mailing service. A ‘control panel’ keeps tabs on the mules to make sure they’re following up on their responsibilities, making calls and leaving messages on cell phones. All of this requires a team of translators and organizers to keep the product flowing to its final destination in Russia, where a much larger organization will then take over for distribution.

Vignati said there was an important key to dissecting the network's operation. 

"Instead of following the money, we followed the package."
-Tom Stoelker

Monday, August 5, 2013

Fordham Alumni, Students Represent at ICCS

Fordham security chief John Carroll. To his left is a confiscated Warhol forgery,
part of a Center Gallery art show on display for the conference.
Photo by Tom Stoelker
With nearly 500 guests representing 35 countries, this year’s International Conference on Cyber Security (ICCS), hosted by Fordham and the FBI, got underway on Aug. 5. On arrival at the Lincoln Center campus, guests were greeted by a welcome sign plastered with a “sold out” sticker.

Though the registration area filled quickly with conference visitors, there were plenty of Fordham security experts on hand as well. Kevin J. Kelly, FCRH '84, was among a handful of students who were the first to major in computer science during the early 1980s. He studied under ICCS co-organizer D. Frank Hsu, Ph.D., the Clavius Distinguished Professor of Science and professor of computer and information science. 

Kelly went on to work for the NYPD and for Citibank. He teaches computer and information science as an adjunct professor at Fordham and points out the importance of the academy joining the cyber security conversation.

"It's a whole new paradigm and the University plays an important role in training future security experts," he said.
Cody Brown, FCLC '13 confers with D. Frank Hsu, Ph.D.
"Having something of this scale here at Fordham is major," said Cody Brown, FCLC '13, another alumnus who is assisting Hsu at the conference. "There are other conferences like this, but the stature of this is second to none."

Junior Katy Venizlos, a communications major at Fordham College Rose Hill, is one of several student volunteers working ICCS. Though her major slightly veers from the security interests of the attendees, she too understood the importance of the venture.

"It's good for Fordham to integrate education with the government and it's a great opportunity for the students," she said.

Asked if she was a little awed by the sheer number of G-men and women filing into the building, she shrugged.

"My dad is in the FBI, so I'm used to it."

-Tom Stoelker

Wednesday, July 31, 2013

"Faking It" at the Center Gallery

A small "Renoir" study.
Why would a curator find cause to bring together Warhol, Rembrandt, de Kooning, Chagall, Matisse, and Renoir? Artistically and historically, it’s a bit of a stretch.

Nevertheless, a new show at Fordham’s Center Gallery has found a unifying theme: the paintings are all fakes.

With Fordham’s 4th International Conference on Cyber Security (ICCS) set to begin Aug. 5 at the Lincoln Center campus, Fordham's artist-in-residence Stephen Apicella-Hitchcock and fellow artist Daniel Small came up with some ideas for the gallery that related to the conference—which is jointly sponsored by Fordham and the FBI.

ICCS has traditionally used the gallery as a registration center to welcome conference attendees. So Small teamed up with the FBI's Forgery Division to create Caveat Emptor (let the buyer beware), an exhibition of confiscated art forgeries from the FBI's holdings, now visible upon arrival.

"It's an anonymous group show for a bunch of artists who will never come forward," Small said.
 Rembrandtesque.

A few days before the July 26 opening, Small hung the paintings with the same care one might expect for the originals. And with good reason: some of the works have made it all the way to the auction blocks of Christie’s and Sotheby’s.

Several of the paintings' back-stories are as legendary as the copied artists, such as art dealer Ely Sakhai's attempt to pass off two "Chagalls" as real. Sakhai bought an original, had it duplicated, and then used the original's authentication papers to sell the fakes. The two copies now face each other on opposite walls of the gallery.

"In a sense, it's a bit like a trophy room, or a display of evidence masquerading as a straightforward exhibition of paintings," said Apicella-Hitchcock.

While some of the direct forgeries might check out forensically, with correct pigments and aged, cracked varnish, the brush strokes often lack the flair of the real deal, said Small.
de Kooningish
The "Rembrandt" is a case in point. The forger created antiqued varnish cracks by carving into the surface with a needle, soaking the painting in black ink, washing the painting, then repeating the process several times. But the actual brush stroking falls far short of the master's. 

"Some of the paintings are quite good and some of them are bad, just like in any art show," said Small. "The 'de Kooning' is incredible, though."

Small noted that the "de Kooning" approximates rather than copies an original work, which means that the forger's own artistic hand had more leeway, and thus more expression.

The purported artists on exhibit are: James E. Buttersworth, Marc Chagall, Willem de Kooning, Tsuguharu Foujita, Juan Gris, Paul Gauguin, Henri Matisse, Maurice Prendergast, Rembrandt van Rijn, Pierre Auguste Renoir, Andy Warhol, and Hale Woodruff.


The show will run through Aug. 9.

Curators hang one of two duplicate "Chagalls" in the show.
-Tom Stoelker

Monday, December 1, 2008

ICCS 2009: Standing Room Only

Registrations for the International Conference on Cyber Security (ICCS 2009) are officially sold out, and more than a dozen cyber professionals have asked to be placed on the waiting list.

The conference, a joint effort between the Federal Bureau of Investigation and Fordham University, will bring together global leaders in emerging cyber threat analysis and enforcement at the University's Lincoln Center campus from January 6 through 8, 2009.

Among the many sessions, ICCS will feature Anatomy of a Modern Homegrown Terror Cell: Aabid Khan et al., by Evan F. Kohlmann, senior investigator and private consultant, Global Terror Alert; Child Pornography: Investigations, Trends, and Legal Issues, by Denzil S. Fearon, senior investigator, computer crimes unit, New York State Police; The Hacker Factor, by the AT&T Ethical Hacking Team; and Penetrating Mind of Mayhem: Inside the Mind of an Islamic Extremist, by the Honorable Shannen L. Rossmiller (Ret.), cyber operative and co-founder, AC-CIO.

See the ICCS newsroom for more details. For media queries, please contact Bob Howe, director of communications at Fordham University.

Saturday, October 4, 2008

Fordham, FBI Team Up on Cyber Security

ICCS 2009

www.iccs.fordham.edu

A MEETING OF LAW ENFORCEMENT, INDUSTRY AND ACADEMIC EXPERTS

The Federal Bureau of Investigation has teamed with Fordham University's Department of Computer and Information Sciences to bring together global leaders in emerging cyber threat analysis and enforcement. In January 2009, the two institutions will launch the first International Conference on Cyber Security (ICCS 2009) in New York City, the information center of the world.

With the number of cyber threats escalating worldwide, the need for comprehensive security analysis and solutions has reached a critical juncture. Join us at ICCS 2009 for a first-hand opportunity to discover and share critical intelligence on issues shaping the future of cyber security.

ICCS 2009 will feature distinguished speakers, presentations and vendor exhibits. This gathering of international cyber security experts will host more than 300 delegates from around the world. The world's foremost experts in cyber threat analysis and enforcement will engage in a dialog and develop strategies for combating cyber threats across the globe. With shared expertise and insight into a myriad of cyber security trends, tools and techniques, this conference will create an unparalleled opportunity for the international advancement of cyber threat analysis and enforcement.