USF at the center of cybersecurity

The Florida Center for Cyber Security at USF tracks cyberattacks across the globe in real time, including the attack’s origin and its destination. The communications manager for the center, Amy Harroun, said the U.S. and Russia are the most attacked countries in the world.  ORACLE PHOTO / ADAM MATHIEU


Americans have become so apprehensive over their own cybersecurity that President Barack Obama felt the need to address the issue in this year’s State of the Union.

Whether it’s Sony Pictures Entertainment, U.S. Central Command or the average social media user, cybersecurity concerns  virtually everyone who accesses the Internet.

And, according to Sri Sridharan, the managing director of the Florida Center for Cybersecurity (FC2) at USF, people should expect to see even more cases of cybersecurity breaches in the near future.

“My opinion is that you’re going to see a lot more hacks and breaches in 2015 and 2016 moving forward,” Sridharan said. “It’s going to get worse before it gets better.”

Cybersecurity education would benefit Tampa in particular. A recent study by Clearwater security company Enigma Software named Tampa the most-hacked city in America. Tampa residents are subjected to computer viruses 561 percent more than the 2014 national average per capita, according to the study.

Sridharan believes the title stemmed from Tampa’s retired, who are not familiar with the workings of the Internet, and young people who are dependent on computers.

He also said that Tampa contains a comparatively high volume of pornographic activity, which is a popular way hackers infect computers through malware, which steals information and sends it back to the hackers.

This monetization of personal information is what many average Internet users need to worry about, Sridharan said. Email addresses, personal passwords, credit card numbers and medical records are all sold in the “underground” of the Internet.

“If you want to go into the underground and talk to (hackers), user IDs and email IDs and passwords cost about a buck,” he said. “Credit cards about two to three bucks. Electronic medical records hundreds of dollars. If they know your date of birth, your medical history, your social security number and all the different types of medical issues that you’ve gone through, they can conduct Medicaid fraud. They can get millions of dollars from it, and before the feds catch up to them, they’re gone.”

What large businesses and organizations may need to fear, Sridharan said, is intellectual property theft. When a company wants to develop a new product, it must first invest substantial amounts of money into research and development for that product and create some sort of blueprint for manufacturing it. 

A company can use hackers to steal this intellectual property from a competitor, Sridharan said, so that it can skip the product development stage and move right to the manufacturing process while saving a significant amount of money. The most at-risk businesses are those involved in financial services, utilities and energy, health care, and retail.

“So what types of hackings take place? They hack anything and everything that they can because they can monetize it,” he said. “If you can monetize something, they’ll hack it.”

While corporations and local governments can typically afford to purchase specially made anti-virus software or hire cybersecurity professionals to help protect their data, the average computer owner will not be able to pay for, or have access to, these kinds of safeguards. 

According to Sridharan, an estimated 3.5 million cyber professionals will be in demand globally to protect users on a personal and corporate level.

“All institutions need to implement cyber programs to teach students with skillsets in various aspects of cybersecurity,” he said. “It will be a few years for the supply to catch up with the demand. We need to create awareness and a sense of urgency to provide that training.”

However, other than making complex passwords for websites that require login information and not using the same password twice, one of the best kinds of computer protection for the average person is absolutely free, Sridharan said. 

“Be smart and vigilant. Be careful what websites you go to,” he stated. “There are a lot of websites that advertise, ‘Hey, if you come here, you can make $1,600 a week!’ Some of those are bad links, if you click on that just out of curiosity, you’re dead meat … once the bad malware is installed on your computer, it can start to monitor your keystrokes, start to steal information and do a lot of damage.”

This is what Sridharan calls “cyber hygiene.”

“One of the things I preach to students, senior citizens, and even CEOs I meet with … Make sure that you have good anti-virus, network, and firewall protection on all the devices that you use,” he said. “This is all good cyber hygiene; you practice it when you use devices, and then you use common sense.”

This is a reason why cybersecurity is such an important industry, because “it just takes one person to be lax on their security protocol to open up a whole group of individuals to some kind of attack,” said Tony Smith, a project executive and associate partner at IBM and a master’s student at FC2.

Smith is an example of many who are getting an education in cybersecurity as the demand for it goes up in all sectors. He performs classified and unclassified work at a laboratory in coordination with MacDill Air Force Base. 

“(Cybersecurity) is at the forefront of all major news going on today as far as new disciplines are concerned,” Smith said. “Mischievous work far outnumbers the experience and expertise of individuals who are trying to counter that … having a formalized program in cybersecurity is a really smart offering.”

Other than protecting personal and corporate information, cybersecurity could create new jobs for the state of Florida. These new jobs require trained cybersecurity professionals, which is why it is important, Smith said, for students who may be interested in cybersecurity to get involved with one of FC2’s programs.

USF’s Florida Center for Cybersecurity was created in July of 2014 to promote awareness of cybersecurity, develop new research solutions, educate and train the public and make the state of Florida the national authority on cybersecurity. 

The center itself is located at USF but represents the 12 universities in the State University System of Florida and is funded by the state. FC2 currently offers a master’s degree program with four concentrations, graduate certificates and industry certification.

“This (master’s) program that USF offers is really to train students to become managers and be able to actually get folks into the discipline,” Smith said.