Sep 15 2014

Students Study a Rampant Virus at University Cybersecurity Lab

The new Maine facility provides a closed network for finding defenses against cyberattacks.

Students at the new Cyber Security Lab at the University of Southern Maine are learning in a unique environment where viruses can be studied before they become a crippling problem to the outside world.

The university unveiled its $1 million closed-network cybersecurity lab in August — the first of its kind in the state. Students can study the latest techniques in cybersecurity and learn about the digital threats that can just as easily damage corporate or government defenses.

TechMaine described the lab as a "testing and evaluation environment that will allow private and public entities to refine their technology infrastructures and code on the fly." The new lab is part of and will serve as the hub of the Maine Cyber Security Cluster, a regional resource and test bed for the latest security solutions.

How to Learn From a Rampant Virus

Edward Sihler, technical director of the Cyber Security Lab, told WMTW News that the closed network allows students to learn about digital threats in a tangible way that's not possible in standard labs.

"We can, for example, release a virus. Let it loose, and let it run rampant on the machines, because these are not production machines, and see how it spreads," Sihler said.

The research done in this kind of closed lab is necessary in order to learn how to get ahead of a potential breach before it ends up doing real damage, Sihler said.

The New York Times reported that Target's 2013 malware breach has cost the company an estimated $148 million. After the holiday shopping season breach damaged the retail chain’s reputation, CEO Gregg Steinhafel stepped down in May, according to USA Today. In July, former PepsiCo executive Brian Cornell was brought in as Target’s new CEO.

In a Sept. 4 column for Information Week, W. Hord Tipton, executive director for (ISC)², a nonprofit information security education firm, wrote that a more intensive understanding of cybersecurity is needed to grapple with the growing threats.

"Cyber security is growing in complexity every day and requires continual refinement of the workforce's capacity for both skill and strategy," Tipton wrote.

More Education Needed to Prepare for Defense Against Future Breaches

The education sector stands to benefit from the bulking up of cybersecurity defenses. "State of IT Cyber Defense Maturity," a report recently featured by EdTech, offers a snapshot of the confidence levels of IT management in five industries. The outlook for education was grim, according to the results of the survey technology analysts at IDG Connect conducted for ForeScout.

The report found that the education sector struggled the most with managing the security of its virtual machines, an industry that has experienced massive growth. The largest areas of vulnerability listed included malware as well as application and wireless security.

For most of the last decade, the U.S. government has been involved in initiatives to inspire students to pursue a career defending the country from cyberattacks.

The Department of Defense has used the DC3 Digital Forensics Challenge, hosted each year by its Defense Cyber Crime Center, to recruit some of the brightest rising stars in cybersecurity. The challenge pits more than 1,000 teams of student tech enthusiasts against modern security problems. Teams are scored based on how they circumvent security challenges such as cracking passwords and file encryption.

Other recruiting initiatives, like the U.S. Cyber Challenge, organize camps aimed at identifying and developing the next generation of cybersecurity talent, according to the organization’s website.


Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.