
UCB leader in critical infrastructure protection research

Doug Tygar, professor, computer science and School of Information | November 9, 2009

Cyberwarfare is something that is taken seriously by the Chinese and Russian military.   Officers in the (Chinese) People’s Liberation Army have written treatises on cyberwarfare.  And we have extensive evidence of successful penetrations of US governmental and military sites.  The US also takes cyberwarfare seriously:  Defense Secretary Gates announced on June 23rd a new “US Cyber Command” (part of the US Strategic Command).

While protection of government and military computer systems is a priority of the first order, the US is even more vulnerable to electronic attacks on the civilian critical infrastructure.  These attacks are not merely a hypothetical possibility, as President Obama discussed in his May 29 remarks:

It’s about the privacy and the economic security of American families.  We rely on the Internet to pay our bills, to bank, to shop, to file our taxes.  But we’ve had to learn a whole new vocabulary just to stay ahead of the cyber criminals who would do us harm — spyware and malware and spoofing and phishing and botnets.  Millions of Americans have been victimized, their privacy violated, their identities stolen, their lives upended, and their wallets emptied.  According to one survey, in the past two years alone cyber crime has cost Americans more than $8 billion.

I know how it feels to have privacy violated because it has happened to me and the people around me.  It’s no secret that my presidential campaign harnessed the Internet and technology to transform our politics.  What isn’t widely known is that during the general election hackers managed to penetrate our computer systems. . . .  But between August and October, hackers gained access to emails and a range of campaign files, from policy position papers to travel plans.  And we worked closely with the CIA — with the FBI and the Secret Service and hired security consultants to restore the security of our systems.  It was a powerful reminder:  In this Information Age, one of your greatest strengths — in our case, our ability to communicate to a wide range of supporters through the Internet — could also be one of your greatest vulnerabilities. . . .

In one brazen act last year, thieves used stolen credit card information to steal millions of dollars from 130 ATM machines in 49 cities around the world — and they did it in just 30 minutes.  A single employee of an American company was convicted of stealing intellectual property reportedly worth $400 million.  It’s been estimated that last year alone cyber criminals stole intellectual property from businesses worldwide worth up to $1 trillion.

In short, America’s economic prosperity in the 21st century will depend on cybersecurity.

And this is also a matter of public safety and national security.  We count on computer networks to deliver our oil and gas, our power and our water.  We rely on them for public transportation and air traffic control.  Yet we know that cyber intruders have probed our electrical grid and that in other countries cyber attacks have plunged entire cities into darkness.

Our technological advantage is a key to America’s military dominance.  But our defense and military networks are under constant attack.  Al Qaeda and other terrorist groups have spoken of their desire to unleash a cyber attack on our country — attacks that are harder to detect and harder to defend against.  Indeed, in today’s world, acts of terror could come not only from a few extremists in suicide vests but from a few key strokes on the computer — a weapon of mass disruption.

UC Berkeley is arguably the leading US university in the areas of computer security, privacy, and cyber critical infrastructure protection.  We have a core group of researchers (particularly in our Department of Electrical Engineering and Computer Science; our School of Information; our School of Law; and our School of Public Policy) who are focused on real-world cyber-protection.  And Berkeley is the lead university in the National Science Foundation’s Science and Technology Center in Computer Security:  our Team for Research in Ubiquitous Security Technologies (TRUST).  The TRUST Center, headquartered at UC Berkeley, also includes researchers from a number of other institutions including Carnegie Mellon, Cornell, Stanford, and Vanderbilt.  The TRUST Center has three major directions:  (1) protecting financial infrastructures (including protecting individuals from identity theft); (2) protecting health infrastructures (including protecting the privacy of medical records); and (3) protecting physical infrastructures (including the power grid, natural gas distribution, automated railroad control, water, transportation).  For more information about TRUST, see here.  And this is no “Ivory Tower” effort:  Berkeley researchers have developed a variety of powerful technologies which have been successfully transitioned to both industry and government.

We are working hard on these topics.  It is a topic of very real concern.  In the meanwhile, please be careful in cyberspace.

Comments to “UCB leader in critical infrastructure protection research”

  1. Doug

    Can I ask you if you could give a talk on Cyber Terror at the Berkeley Tennis Club? We run a Friday evening speakers series utilizing speakers from UCB. I hope this appeals to you.


    Ken Stutz
    510 601-1315

  2. We live in a society that is totally dependent on computers, networks and all things related. As soon as anything goes wrong, even at the basic level, we are crippled. This surely means that we are vulnerable to attacks at the lower end of the system that can still cause immense problems.

  3. You should know by now that threats like spyware, malware, spoofing and phishing are here to stay on the Internet…. And perhaps many others are ready to come. And this shouldn’t scare us more than it is necessary. And you know why? Because Internet has huge advantages and disadvantages, like anything and everything in our life. For example: if we drive your car is pleasant (I personally love driving), is useful (takes everywhere you want, any time you want) and can be very much fun (when driving fast for example).

    Now… the downside of driving your car is the risk of being hit by another car (without our fault), or slipping on a bad weather, even having a bad accident in a moment of inattention, maybe while changing radio channel or when you pick up the phone. These things can happen.
    Now… We assume some risks when we take the car and we also have some rules to drive on a highway. We even need a license, isn’t it? :))
    Well… Internet is no more than driving a  car on a huge network of roads with a huge traffic all around. The secret to stay away from *accidents* like computer infections with spyware and malware is to get a so-called *licence*… which cannot be obtained… so we will call this DISCIPLINE. Yes, self discipline on Internet! This all we can have right now.

    To avoid infection, we have to navigate on internet with more precaution and not to click everywhere/anywhere, neither to install programs without thinking what that is… Also, we have to open our eyes when we navigate on sensitive website with financial information, like the bank account or Paypal account or even our e-mail account. Look in front of your browser to see if the www address of your bank account it starts with the bank name and not with another name in front (followed by dot… and your bank name).
    Any address that is looking like your regular address but is not (sometimes is missing a letter or it is a simple extra dot on the bank name) is a website from a hacker that create a page that look exactly like the original, only that when you login you go nowhere, while the hacker has your username and password stored in the back of that website (this is spoofing and phishing). I tried to explain as simple as possible because many really do not understand how the id’s are stolen.
    Is like you take the wrong road to home, and instead of reaching to your family, you are going to a closed road, a dead end.

    Also… discipline on your pc means to have at least an antivirus with firewall included (or the firewall from windows open) to protect from viruses, keyloggers and other threats on internet and a fix registry program that will clean up your trace on internet and fix your registry that over time make your pc to work slow. Yes, this mean a small investment, but losing thousands or even tens of thousands of dollar from your PayPal account or even bank account is a joke comparing with a maximum $120 one time investment/life on an antivirus program and cleaning program that will mostly protect you from lots of threats…
    Still this doesn’t mean that you are 100% protected, you still have to open your eyes when browsing and think of the discipline we spoke about, to be safe on your own computer.

    Perhaps, our politicians will realize eventually that Internet education have to start on school, right from the first classes and generation who will came will be fully aware of the benefits and risks of the internet and will have their *license* to navigate over the internet safely.

    Hoping my post was helpful,
    Lawrence William, Corporate Manger
    SC Laptopuri Inc., EU

  4. “In short, America’s economic prosperity in the 21st century will depend on cybersecurity.” — Very very important! And very glad to see that UCB is the leading US university in the areas of computer security, privacy, and cyber critical infrastructure protection. But I think the People’s Liberation Army is not the main course, haha!

  5. I came across this thread whilst researching something else. But it caught my attention and made me think.

    We live in a society that is totally dependent on computers, networks and all things related. As soon as anything goes wrong, even at the basic level, we are crippled. This surely means that we are vulnerable to attacks at the lower end of the system that can still cause immense problems.

  6. With more and more information and utilities moving online, the need for security is growing progressively larger. A proactive approach to protecting computer systems is essential. Determining what actions to take by waiting for an attack to happen is just not going to cut it. Cyberterrorism IS real and it’s big business.

  7. Cyberterrorism? Seems like a better phrase could be coined since the ongoing scare campaigns by both State and media have worn the term out. How about cyberobbers or digital-sociopaths? I submit that the phenomenon is very real and actually greed-driven from both ends. The “cyberterrorists” are greedy for data that can be transformed into ill-gotten gains while the victims are greedy for cost savings, time savings and increased revenue and market share. The only reliable check on greed is risk. Every sound business plan includes a serious risk assessment and perhaps more information is needed to assess this particular risk more accurately. On the other side of the greed equation, counter-measures coupled with certain and significant repercussions can help to increase the risk for cyberterrorists. I expect that new schemes of segregated, parallel data transfers and the like will make it much more difficult to intrude, i.e. the cyberobber would have to simultaneously hack all of the parallel transmissions to obtain a full data set. Other clever schemes will surely be developed. It will be a cat and mouse game that goes on indefinitely and will spawn multi-billion dollar industries that are now just starting to blossom.

  8. Interested to hear that UCB is arguably the leading US university in “cyber” (a word that should be outlawed BTW) critical infrastructure. Being a senior Critical Infrastructure Protection Standards auditor I try to keep tabs on security research that is relevant to the energy sector.

    In regards to the AFCOM survey, that is probably a fair assessment. The threat of cyberterrorism is real; however, a “business” risk analysis will almost always calculate a cyber security risk as low relative to other more tangible business risks. Why? Because terrorism is rare and “cyber” terrorism is even more rare. I have no doubt that our critical infrastructure needs huge improvements in protecting against cyber security threats – matter of fact, I know first hand how low our security posture is in this regard. That being said, the business case to adequately address the issues is hard to make with real data. Got cyber security actuary tables? That’d help!

  9. It’s worth noting that a recent survey conducted by AFCOM, the world’s largest data center association, found that though the threat of cyberterrorism is real, it is not being adequately addressed by the world’s keepers of the most confidential financial, military and personal data. Anyone care to comment?
