Time to move beyond 'medieval' cyber security approach, expert says

May 22, 2015
Time to move beyond ‘medieval’ cyber security approach, expert says
Much of the U.S.’s cyber defense is “modeled after medieval perimeter security … and the idea of ‘keeping the bad guys out’.”

The nation's approach to cyber security has much in common with medieval defense tactics, and that needs to change, says a cyber security expert at Missouri University of Science and Technology.

"Most of our cyber defenses are modeled after medieval perimeter security – a is much like a castle moat – and the idea of 'keeping the bad guys out'," says Dr. Bruce M. McMillin, professor of computer science and associate dean of the College of Engineering and Computing at Missouri S&T. "We live inside modern systems that are both physical and computational, and, in such a smart living environment, attacks can come from multiple different sources, some even inside what we consider protected."

Earlier this year, the head of U.S. Cyber Command told Congress that the federal government's efforts to deter are not working and the U.S. needs to "increase our capacity" to strengthen . At Missouri S&T, McMillin and other researchers are working to improve cyber security with an emphasis on safeguarding the nation's infrastructure while educating students in this field through its National Center of Academic Excellence in Information Assurance Education.

"We must focus on the information that both flows into and out of every portion of our smart living environment, both hiding what we consider and private, and disrupting the ability of our adversaries to launch information attacks," McMillin says.

He adds that Missouri S&T provides "a unique contribution to the information assurance field with our focus on developing ways to protect the nation's electric power grid, oil, gas and water distribution systems; and transportation systems from terrorist attacks." Much of that research occurs through Missouri S&T's Center for Critical Infrastructure Protection.

McMillin credits his former Ph.D. student, Gerry Howser, for coming up with the moat analogy to describe contemporary approaches to cyber defense. Howser is a career who returned to Missouri S&T for a Ph.D. in .

McMillin also co-leads Missouri S&T's Smart Living signature area. Smart Living focuses on developing processes and to turn home, workplace, transportation and energy systems into "smart" environments.

On March 19, Adm. Michael S. Rogers, the head of the U.S. Cyber Command and the National Security Agency, told the Senate Armed Services Committee that the command's efforts are not working. He pointed out that attackers to U.S. cyber infrastructure want to move beyond disrupting those networks to establish "a persistent presence" on them.

More recently, Dennis Blair, the former director of U.S. national intelligence, said that major sponsors of cyberwarfare forces are reaching a state of deterrence similar to the "mutually assured destruction" of the Cold War era. Blair pointed out that military and civilian systems are often intertwined, and that a cyber attack could have far-reaching consequences. "Should a nation-state take action against the GPS system in another country on a major scale, there's no telling which way the damage would fall," he said.

In their research, McMillin and his fellow Smart Living researchers are also considering the interdependence of computerized systems and their vulnerabilities.

Explore further: US cyber commander says hackers to 'pay a price'

Related Stories

US cyber commander says hackers to 'pay a price'

May 11, 2015

The US strategy of "deterrence" for cyber-attacks could involve a wide range or responses, potentially including the use of conventional weapons, the nation's top cyber-warrior said Monday.

NSA Director: China can damage US power grid

November 20, 2014

China and "one or two" other countries are capable of mounting cyberattacks to shut down the electric grid in parts of the United States. That's according to Admiral Michael Rogers, the director of the National Security Agency ...

White House says classified systems not hacked

April 7, 2015

US officials insisted Tuesday that a cyber attack late last year did not compromise White House classified systems, but refused to confirm reports Russia was behind the breach.

Recommended for you

Forget oil, Russia goes crazy for cryptocurrency

August 16, 2017

Standing in a warehouse in a Moscow suburb, Dmitry Marinichev tries to speak over the deafening hum of hundreds of computers stacked on shelves hard at work mining for crypto money.

Researchers clarify mystery about proposed battery material

August 15, 2017

Battery researchers agree that one of the most promising possibilities for future battery technology is the lithium-air (or lithium-oxygen) battery, which could provide three times as much power for a given weight as today's ...

Signs of distracted driving—pounding heart, sweaty nose

August 15, 2017

Distracted driving—texting or absent-mindedness—claims thousands of lives a year. Researchers from the University of Houston and the Texas A&M Transportation Institute have produced an extensive dataset examining how ...


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.