Security Expert Sees Cyber Infrastructure Vulnerabilities

Issues Raised by CCNY’s Tarek Saadawi Addressed in Conference June 8-9 and New Book Available Through Strategic Studies Institute

A cyber attack earlier this year on an Iranian nuclear facility may have set back Iran’s alleged plan to build an atom bomb.  However, the target of that incident, the plant’s control and monitoring systems, has implications for a wide range of strategic infrastructure, according to cyber security expert Dr. Tarek Saadawi, director, Center for Information Networking, and professor of electrical engineering in the Grove School of Engineering at The City College of New York.

“Cyber attacks on SCADA (supervisory control and data acquisition) systems, which monitor and control industrial, infrastructure, or facility-based processes, have become a big area of concern,” said Professor Saadawi, co-organizer of the Cyber Infrastructure Protection 2011 Conference (CIP11), June 8 – 9 at CCNY, and co-editor of a new book on the topic. “These attacks can disable any kind of large plant, including power grids, water supplies, air traffic control networks and railroads.”

CIP11 is a two-day cyber security strategy and policy conference that brings together government, business, and academic leaders.  Its objective is to assess the vulnerability of our cyber infrastructure and provide strategic policy directions for the protection of such infrastructure.

Even as government and business spend billions attempting to secure sophisticated network and computer systems, cyber attackers are able to introduce new viruses, worms and bots that can defeat many of these efforts.   “A cyber attack on our energy grid could cut off service to large areas of the country,” Professor Saadawi warned.  Government, business and academia must therefore work together to understand the threat and develop various modes of fighting cyber attacks.”

In addition, they need to establish and enhance a framework for deep analysis of this multidimensional issue, he said.  The conference will focus on strategic and policy directions and how these policy directions should cope with the fast-paced technological evolution.  Topics to be addressed include:

•    How vulnerable is the nation’s critical infrastructure to cyber attack, including our financial systems and logistical systems?
•    How should national defense against cyber attacks be organized?
•    What legal impediments impact efforts to defend the nation against cyber attacks, especially in the realm of preventive, preemptive, and retaliatory actions?

Thomas G.A. Brown, assistant U.S. attorney, Southern District of New York, will deliver the conference keynote address 9 a.m. Wednesday, June 8.  His topic will be “Cyber Crime: A Prosecutor’s View.” Dr Stuart Starr of National Defense University will deliver luncheon keynote address at 1:30 p.m. that day, and Dr  Krishan Sabanani, vice president of network research at Bell Labs will deliver the keynote address 9 a.m. Thursday, June 9.   Other speakers are:

•    Dr. Thomas J. Holt, Michigan State University.
•    Dr. Rob D’Ovidio, Drexel University.
•    Irv Schlanger, Drexel University.
•    Dr Rajesh Talpade, NIKSUN.
•    Dr. Max Kigler, Honeynet Project.
•    Dr. Michael Losavio, University of Louisville.
•    Dr Abharjit Ghosh, Telcordia
•    Dr. Melissa Dark, Purdue University.
•    Joshua Gruenspecht, Center for Democracy & Technology.
•    Dr. Adam M. Bossler, Georgia Southern University.
•    Dr. George W. Burruss, Southern Illinois University.
•    Thomas M. Overman, Boeing Energy Cyber Security.
•    Walter Sikora, Industrial Defender Inc.

The conference is presented by the Center for Information Networking and Telecommunications and Colin Powell Center for Policy Studies at City College and the U.S. Army War College’s Strategic Studies Institute (SSI).   Conference co-sponsors are the IEEE New York Section and the New York Chapter of the IEEE Computer Society.

Additional information about the conference and register to attend or view via webcast can be found at /cip.    

Professor Saadawi and his fellow co-organizer, Col. Louis Jordan of the Army War College, also served as co-editors of “Cyber Infrastructure Protection.”   This new book, free from the Strategic Studies Institute, provides an integrated view and a comprehensive framework of the various issues relating to cyber infrastructure protection.  

The book is divided into three main parts.  Part I deals with strategy and policy issues related to cyber security.  It provides a theory of cyber power, a discussion of Internet survivability as well as large-scale data breaches and the role of cyber power in humanitarian assistance.

Part II covers social and legal aspects of cyber infrastructure protection and it provides discussions concerning the attack dynamics of politically and religiously motivated hackers. Part III discusses the technical aspects of cyber infrastructure protection including the resilience of data centers, intrusion detection, and a strong focus on IP-networks.

The book can be ordered online from the Strategic Studies Institute athttp://www.strategicstudiesinstitute.army.mil/pubs/display?PubID=1067

MEDIA CONTACT

Ellis Simon
p: 212.650.6460
e: esimon@ccny.cuny.edu