Our congrats to Georgia Tech. Last month, Georgia Tech was granted a $17.3 million cybersecurity research contract by the US Department of Defense. Their mandate- to help establish new science that quickly, objectively and positively identifies the virtual actors responsible for cyberattack. The IT Security experts at Securolytics are so proud that our University is embarking on this all important research. Read more about it here Go Yellow Jackets!
Georgia Tech has received a $17.3 million cybersecurity research contract to help establish new science around the ability to quickly, objectively and positively identify the virtual actors responsible for cyberattacks, a technique known as “attribution.”
While the tools and techniques to be developed during the four-and-a-half year effort won’t point directly to the individuals responsible, the initiative will provide proof of involvement by specific groups, identifiable by their methods of attack, consistent errors and other unique characteristics, Georgia Tech noted in a statement.
The research, sponsored by the U.S. Department of Defense, will be led by researchers at Georgia Tech, in collaboration with other academic institutions and companies.
“We should know who our friends are and who our enemies are in the cyber domain,” Manos Antonakakis, an assistant professor in Georgia Tech’s School of Electrical and Computer Engineering, noted. “We owe it to the people of this country to objectively reason about the actors attacking systems, stealing intellectual property and tampering with our data. We want to take away the potential deniability that these attack groups now have.”
Attributing attacks to specific groups or individuals could be partially achieved today, but it is largely a manual process that requires skilled investigators and weeks or months to complete. The new research will accelerate that process and provide both scientific reasoning and hard evidence about the guilty parties, according to the statement.
“In this project, we will use machine learning and algorithms to scale up the attribution process to help companies and the government protect against those bad actors,” noted Antonakakis, the project’s principal investigator. “We will provide a systematic and scientific way to deal with the attacks.”
Rapid identification is important to companies and government organizations because the motives of the intruders suggest the kind of information they are seeking, the damage they can do, and what the victims may use to stop the attack and minimize impacts.
“For a business, it’s very important to know whether you are being targeted by a commodity-type threat, a run-of-the-mill threat, or if you are being targeted by a specific group that may have ties to a government or to a competitor,” Antonakakis said. “The type of threat would affect business decisions.”
Ultimately, the researchers hope to combine intrusion detection with attribution, allowing a quicker response — and helping victims cut off attackers more quickly.
The team at Securolytics with our new FREE Exploitable IoT Scanning tool is built to protect Healthcare organizations large and small from IoT breach threats. Don’t be reactive… be proactive with Securolytics.
Contact Securolytics now to learn more. Our global team is ready to assist you. We are motivated by one overriding purpose – to keep organizations and businesses out of harm’s way from cyber criminals and sophisticated hackers.