Tag: national security

Foundations of Cybersecurity: New Certificate From MTU.

Michigan Tech is offering both a in-person and online certificate in the Foundations of Cybersecurity. In nine credits, students will learn how to identify and describe the foundational principles of securing both a computer system and a computer network. They’ll also study the fundamentals of secure software development and apply them effectively.

This credential addresses cyber crime, a costly and dangerous global problem.

Brief Case Study: The WannaCry Ransomware Attack

Flash backward to seven years ago.

In 2017, the WannaCry ransomware worm spread rapidly across computers running the Microsoft Windows operating system.

This worm first encrypted files and then demanded ransomware payments–first 300$ and then 600$ in bitcoins. Unfortunately, even those who paid the ransom, such as a friend of this writer, still lost their files.

Screenshot of the 2017 WannaCry Ransomware attack.
The WannaCry Attack. Image Credit: (https://cdn.securelist.com/files/2017/05/wannacry_05.png/)

How did this attack happen? The worm wriggled its way in through a vulnerability in Windows’ Server Message Block (SMBv1) protocol (EternalBlue), used for file and printer sharing on Windows networks. Then, it installed DoublePulsar as the “backdoor” on compromised computers.

The U.S. National Security Agency (NSA) had previously disclosed the Eternal Blue weakness. Then, a hacking group called the Shadow Brokers leaked it onto the web and cyber criminals took lurking in the shadows took notice. Within a few days, WannaCry affected at least 200,000 computers and 300,000 devices in more than 150 countries. The attack caused widespread disruption, particularly in critical sectors such as healthcare, telecommunications, and manufacturing. One of the most notable victims was the UK’s National Health Service (NHS), which canceled both appointments and operations, turning patients away.

Microsoft quickly released security patches for versions of Windows with the Eternal Blue vulnerability. However, it had actually sent security patches two months earlier, which hadn’t taken effect because many organizations hadn’t taken the time to update their systems. Oops!

Training in the Foundations of Cybersecurity is Needed Now More Than Ever.

This attack, then, not only underscored the importance of updating systems regularly to install timely security patches, but also the need to quickly implement protocols of backup and recovery. Even more so, WannaCry revealed the demand for more well-trained, cybersecurity professionals from government agencies, private sector companies, and other organizations who could collaborate on and react quickly to global cyber crime incidents.

Along with ransomware, cybersecurity professionals must be ready to battle Advanced Persistent Threats (APTs), Phishing and Social Engineering, Zero-day attacks, high-profile data breaches, DDoS attacks, and many other types of cyber crime. The changing nature of cyber threats also requires organizations to continually improve their defenses and adapt to new attack vectors.

And digital transformation, vehicle electrification, robotic workplaces, and Industry 4.0 pose new challenges as well. That is, as organizations move to cloud environments and the IoT (Internet of Things) continues to proliferate, cybersecurity professionals must safeguard infrastructures and predict possible vulnerabilities.

More troubling news: In the last decade or so, cyber attacks have grown in sophistication, frequency, and size. In fact, according to US News, “Data breaches and ID theft are still hitting records.” Recently, on July 4, while this blog was being drafted, Cybernews reported that a file containing 9,948,575,739 plain text passwords was posted on a hacker site by the user Obamacare. This file, known as the RockYou24 leak, was a compilation of passwords that were collected from 4000 databases over the last two decades. (Previously, the RockYou21 leak contained 8.5 billion of these same passwords.)

With these passwords, Cybernews explains that “threat actors could exploit the RockYou2024 password compilation to conduct brute-force attacks and gain unauthorized access to various online accounts used by individuals who employ passwords included in the dataset.”

Here are Some Other Startling Statistics About Cyber Crime:

The Cybersecurity Talent Gap is Expanding.

But perhaps one of the biggest challenge that cybersecurity professionals face is that there are not enough of them. That is, many organizations are struggling to fill critical positions. The global cybersecurity employment gap, which reached 4 million workers in 2023 (ISC2 2023), is expected to expand to 85 million by 2030.

The United States is one of those countries facing a shortage of cybersecurity professionals.

Interactive heatmap from cyberseek that provides information on cybersecurity jobs in the US.
This interactive heatmap by cyberseek provides both an overall and granular look into US cybersecurity jobs.

Between September 2022 and August 2023, 572,000 US jobs opened up in the cybersecurity industry. This number is up 74% from 2010.

And in the US, there were 1.18 million cybersecurity professionals employed between September 2022 and August 2023, which is also an an increase of 59% since 2010.

To help address this talent shortage, Michigan Tech is offering both online and in-person certificates in the Foundations of Cybersecurity, which start in Fall 2024. Students can complete this certificate or use the credits to dive deeper into cybersecurity and progress towards a master’s degree. They can choose from either Michigan Tech’s MS in Cybersecurity or the MS in Computer Science.

To be eligible for the program, applicants must have earned an undergraduate degree in computer science, computer engineering, or software engineering. The online application is free and requires no GMAT or GRE.

This certificate adds to the roster of MTU’s already respected cybersecurity research program, recognized nationally for its academic and research excellence. In fact, the US National Security Agency designated MTU as a National Center of Academic Excellence in Cyber Research (CAE-R). This CAE-R designation, establishing that Michigan Tech has met the rigorous requirements set forth by the NSA, extends through the 2029 academic year.

The Future Looks Bright for Those with Skills in the Foundations of Cybersecurity.

When it comes to cybersecurity professionals, there are several possible career paths.

Take the career of Information Security Analyst, for instance. A person in this role will have several responsibilities. They must use and maintain software, such as firewalls and data encryption programs, to protect sensitive information. In addition, they must check for vulnerabilities in computer and network systems; research the latest information technology (IT) security trends; and prepare reports that document general metrics, attempted attacks, and security breaches.

Being vigilant and proactive are also essential traits of this cybersecurity professional as they strive to develop security standards and best practices for their organization and timely recommend security enhancements. And they are also heavily involved with creating their organization’s disaster recovery plan, which IT employees must follow in case of emergency.

Because of the importance of these tasks, the US Bureau of Labor Statistics predicts a need for several tens of thousands of these analysts, with a career growth of 32% (much faster than average.) And these jobs way well, too: the 2023 median salary of an information security analyst was $120,360.

Other Top-Paying Cybersecurity Jobs

  • Cybersecurity Analyst: $114,306
  • Cybersecurity Manager: $150,943 per year
  • Penetration and Vulnerability Tester: $124,424
  • Cybersecurity Architect: $147,142 per year
  • Cybersecurity Engineer: $131,768
  • Incident and Intrusion Analyst: $103,639
  • Cybersecurity Consultant: $124,275
  • Cyber Crime Analyst: $103,198
The US government employs several professionals trained in the foundations of cybersecurity.
The US government, which employs 11,000 cybersecurity professionals, advertised for 6000 jobs in 2023.

Educate Yourself to Meet the Growing Need for Cybersecurity Professionals.

The estimated loss of that 2017 WannaCry incident was about four billion dollars. That bill was just a drop in the bucket.

According to Cybersecurity Ventures, cyber crime is expected to grow by 15% a year in the next three years. What this prediction means is that cyber crime will cost the world $10.5 trillion annually by 2025. This figure includes damage and destruction of data, stolen money, lost productivity, theft of intellectual property, and other costs.

Professionals with training in the foundations of cybersecurity can not only save organizations a lot of money, then, but even save lives.

Yes lives. When a 2020 ransomware attack on Dusseldorf University Hospital (Germany) caused its IT systems to fail (30 servers!), the hospital could not admit emergency patients. As a result, staff directed a critically ill woman who needed immediate care to another hospital about 20 miles away. This delay in treatment, which contributed to the patient’s death, is often cited as the first death resulting from a cyber attack.

It is obvious that the costs of cybercrime , which are immense, multifaceted, and global, impact economies, organizations, and individuals. Because of these costs, cybersecurity professionals are needed across every sector and industry. But there is a particularly urgent need for them in financial services, health care, government, national security, manufacturing, and retail.

And the growing sophistication of cyber threats and the increasing reliance on digital technologies suggest that these costs will continue to rise, highlighting the crucial demands for both robust cybersecurity measures and the highly skilled and trained professionals to enact them.

Get Started on Your Foundations of Cybersecurity Certificate at MTU.

Calumet Electronics and Michigan Tech Praised

Calumet Electronics in Calumet, Michigan, with the help of incredible engineers from the Michigan Technological University up in Houghton, is doing incredible work on advanced packaging, particularly by making very advanced circuit boards for defense applications. And they’re expanding their capacity. 

Senator Gary Peters
Senator Peters, who spoke at the CHIPS and Science Implementation and Oversight Committee, praised Michigan Tech and Calumet Electronics for their semiconductor initiatives.
Senator Peters speaks at the hearing.

Gary Peters (D), Michigan’s United States senator, recently gave a well-deserved shout-out to both Michigan Technological University and Calumet Electronics. Peters spoke at the US Senate’s full committee hearing on “CHIPS and Science Act Implementation and Oversight,” held on October 4, 2023.

The hearing focused “on the implementation and oversight of the CHIPS and Science Act by the Department of Commerce and the National Science Foundation.” In short, it summarized the rollout of programs, research and development, and other semiconductor manufacturing initiatives.

The senator recalled that one of the main goals of the CHIPS and Science Act is onshoring semiconductor production. Then, he asserted the need for dedicating some of the Act’s R & D funds to supporting the advanced packaging industry. This industry is essential to securing the supply chain.

He pointed to Calumet Electronics as crucial to meeting US semiconductor advanced packaging needs. That is, Calumet Electronics is using the great alumni from Michigan Tech (engineering graduates) to grow this industry on-shore, right here in the UP. 

Calumet Electronics: Leading in Advanced Packaging

If you haven’t heard of Calumet Electronics, it is a leading commercial and non-traditional defense contractor. CE specializes in the research, design, engineering, and manufacturing of high-quality printed circuit boards (PCBs) and, more recently, organic substrates.

As an award-winning American-owned and operated company, Calumet is known for its thought leadership and innovative engineering and manufacturing. Also, CE is an SBA HUBZone certified small business that conducts all its operations domestically. Furthermore, it has established itself as a pure play manufacturer with a focus to support and grow its local economy and the surrounding communities in Michigan’s rural Upper Peninsula.

Calumet Electronics applauds Senator Peters for his ongoing commitment to domestic semiconductor chip manufacturing. During the recent Commerce Committee hearing, he cited the ‘incredible engineers’ of Calumet Electronics and our partnership with Michigan Tech in making advanced PCBs for defense applications. We’re very grateful for his confidence and support, and his tireless efforts to prioritize additional funding for this critical work.

Meredith Labeau, PhD, CTO of Calumet Electronics

Labeau continued, “Calumet Electronics and Michigan Tech have forged a remarkable partnership, producing a synergy that showcases the exceptional quality of engineers they graduate. Together, we are shaping the future of innovation and electronics right here in Michigan’s Upper Peninsula.”

David Lawrence, vice president for Global Campus and continuing education, recently visited Calumet Electronic, and was impressed by its facilities. He affirmed that “Michigan Tech’s relationship with Calumet Electronics is robust and the future is bright. We continue to work with industry partners to support the semiconductor initiatives.”

Securing US-Based Semiconductor Production

At the hearing, Secretary Gina Raimondo (U.S. Department of Commerce) and witness, acknowledged that keeping advanced packaging in the US is crucial. In short, it is important not only to the supply chain but also to National Security. Accordingly, the committee, which has “a plan in the works,” will soon release an advanced packaging strategy.

This hearing occurred just over a year after the US government rolled out the bipartisan 2022 CHIPS and Science Act . The Act implemented previous programs under the 2021 CHIPS for America Act (January 2021). Also, it authorized nearly $250 billion in semiconductors and scientific research and development.

The CHIPS and Science Act responded to both the decline in American microchip fabrication and semiconductor shortages. These shortages caused serious supply chain problems, especially for Michigan’s automotive industry. 

Responding to the semiconductor shortage, Michigan Tech has taken on projects that focus on onshoring semiconductor production. For instance, in 2022, MTU collaborated with the Michigan Economic Development Corporation (MEDC) on the Semiconductor Talent Action Team (TAT). The TAT had several goals: developing Michigan-created semiconductors, onshoring both legacy and advanced semiconductor systems, creating well-paying manufacturing jobs, reducing semiconductor shortages, and securing the supply chain.

During this hearing, Senator Raimondo reinforced that the US government is committed to stimulating both R & D and job training in semiconductors. Our goal is to have “a whole ecosystem that we want to deepen in the United States.” And a significant part of this ecosystem is the advanced packaging for which Calumet Electronics is known and respected.

We look forward to seeing Michigan Tech and Calumet Electronics as vital components of and important players in this ecosystem.