Time to move beyond 'medieval' cyber security approach, expert says

May 22, 2015
Time to move beyond ‘medieval’ cyber security approach, expert says
Much of the U.S.’s cyber defense is “modeled after medieval perimeter security … and the idea of ‘keeping the bad guys out’.”

The nation's approach to cyber security has much in common with medieval defense tactics, and that needs to change, says a cyber security expert at Missouri University of Science and Technology.

"Most of our cyber defenses are modeled after medieval perimeter security – a is much like a castle moat – and the idea of 'keeping the bad guys out'," says Dr. Bruce M. McMillin, professor of computer science and associate dean of the College of Engineering and Computing at Missouri S&T. "We live inside modern systems that are both physical and computational, and, in such a smart living environment, attacks can come from multiple different sources, some even inside what we consider protected."

Earlier this year, the head of U.S. Cyber Command told Congress that the federal government's efforts to deter are not working and the U.S. needs to "increase our capacity" to strengthen . At Missouri S&T, McMillin and other researchers are working to improve cyber security with an emphasis on safeguarding the nation's infrastructure while educating students in this field through its National Center of Academic Excellence in Information Assurance Education.

"We must focus on the information that both flows into and out of every portion of our smart living environment, both hiding what we consider and private, and disrupting the ability of our adversaries to launch information attacks," McMillin says.

He adds that Missouri S&T provides "a unique contribution to the information assurance field with our focus on developing ways to protect the nation's electric power grid, oil, gas and water distribution systems; and transportation systems from terrorist attacks." Much of that research occurs through Missouri S&T's Center for Critical Infrastructure Protection.

McMillin credits his former Ph.D. student, Gerry Howser, for coming up with the moat analogy to describe contemporary approaches to cyber defense. Howser is a career who returned to Missouri S&T for a Ph.D. in .

McMillin also co-leads Missouri S&T's Smart Living signature area. Smart Living focuses on developing processes and to turn home, workplace, transportation and energy systems into "smart" environments.

On March 19, Adm. Michael S. Rogers, the head of the U.S. Cyber Command and the National Security Agency, told the Senate Armed Services Committee that the command's efforts are not working. He pointed out that attackers to U.S. cyber infrastructure want to move beyond disrupting those networks to establish "a persistent presence" on them.

More recently, Dennis Blair, the former director of U.S. national intelligence, said that major sponsors of cyberwarfare forces are reaching a state of deterrence similar to the "mutually assured destruction" of the Cold War era. Blair pointed out that military and civilian systems are often intertwined, and that a cyber attack could have far-reaching consequences. "Should a nation-state take action against the GPS system in another country on a major scale, there's no telling which way the damage would fall," he said.

In their research, McMillin and his fellow Smart Living researchers are also considering the interdependence of computerized systems and their vulnerabilities.

Explore further: US bolstering cyber defense with new corps: NSA chief

Related Stories

NSA Director: China can damage US power grid

November 20, 2014

China and "one or two" other countries are capable of mounting cyberattacks to shut down the electric grid in parts of the United States. That's according to Admiral Michael Rogers, the director of the National Security Agency ...

White House says classified systems not hacked

April 7, 2015

US officials insisted Tuesday that a cyber attack late last year did not compromise White House classified systems, but refused to confirm reports Russia was behind the breach.

US cyber commander says hackers to 'pay a price'

May 11, 2015

The US strategy of "deterrence" for cyber-attacks could involve a wide range or responses, potentially including the use of conventional weapons, the nation's top cyber-warrior said Monday.

Recommended for you

Where can I buy a chair like that? This app will tell you

August 23, 2016

If you think you have a knack for interior design, or just want to spruce up your own home, new technology developed by Cornell researchers may help you choose furnishings the way professionals do. And professionals may find ...

Sponge creates steam using ambient sunlight

August 22, 2016

How do you boil water? Eschewing the traditional kettle and flame, MIT engineers have invented a bubble-wrapped, sponge-like device that soaks up natural sunlight and heats water to boiling temperatures, generating steam ...

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.