{"id":16549,"date":"2022-05-23T20:52:59","date_gmt":"2022-05-24T00:52:59","guid":{"rendered":"https:\/\/engineering.jhu.edu\/magazine-archive\/?p=16549"},"modified":"2023-01-04T11:59:46","modified_gmt":"2023-01-04T16:59:46","slug":"thwarting-cyberattacks","status":"publish","type":"post","link":"https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/","title":{"rendered":"Thwarting Cyberattacks"},"content":{"rendered":"

 <\/p>\n\"\"<\/a>\n

German Power company Enercon operates an array of 5,800 wind turbines that can generate up to 11 gigawatts of power when operating at full capacity. But on the morning of Feb. 24, 2022, those turbines went silent.<\/strong><\/p>\n

The timing\u2014the same day Russia began its invasion of Ukraine\u2014was not a coincidence. \u201cThey\u2019re all connected to a satellite station that was interfered with by Russia as part of this conflict,\u201d says Gregory Falco<\/a>, an assistant professor of civil and systems engineering<\/a> and a member of the Johns Hopkins Institute for Assured Autonomy<\/a>. The evidence suggests that the attack was primarily focused on disrupting Ukrainian lines of communication and that Enercon\u2019s turbines\u2014which were controlled by the same satellite\u2014were merely collateral damage. \u201cThe communication window was shut down, so it couldn\u2019t communicate with the turbines, and the turbines died,\u201d says Falco.<\/p>\n

These kinds of cyberattacks are now part and parcel of modern espionage and conflict, notes Anton Dahbura<\/a> PhD \u201984, co-director of the IAA and executive director of the Johns Hopkins Information Security Institute<\/a>. \u201cIt\u2019s pretty easy for a country to build offensive cyber capability,\u201d he says. \u201cIt\u2019s also easy to make attribution murky\u2014if they just want to damage their neighbor\u2019s banking system but then disavow responsibility.\u201d Such attacks can be part of a military offensive, as is now being seen in the Russia-Ukraine war, but they can also take the form of lesser incursions intended to probe a rival\u2019s weaknesses or sow chaos.<\/p>\n

High-profile, national-scale cybersecurity threats may grab headlines, but there are also myriad ways in which the general public can potentially fall prey to exploitation by bad actors online. Although some of these attacks may be delivered through predictable routes, such as our phones or laptops, we also live our lives surrounded by less obvious\u2014but equally vulnerable \u2014gateways to the internet. \u201cPretty much anything electronic that you buy nowadays comes with an app for it,\u201d says Avi Rubin<\/a>, professor of computer science<\/a> and technical director of the ISI.<\/p>\n

Research at the ISI and IAA is focused on identifying and defending against such vulnerabilities at every level of America\u2019s digital infrastructure\u2014but this is a challenging and never-ending task, where the villains\u2019 tactics are evolving just as rapidly as the technology they exploit.<\/p>\n

\"\"<\/a><\/div>\n

 <\/p>\n

 <\/p>\n

 <\/p>\n

 <\/p>\n

Long before Enercon\u2019s turbines went offline, Dahbura was keeping a close eye on the simmering tension between Ukraine and Russia. In collaboration with Johns Hopkins cybersecurity specialist Terry Thompson, his group runs the Cyber Attack PredictiveIndex, an online \u201cleaderboard\u201d that ranks the likelihood of one nation dispatching a hacker-led offensive against another.\u201cThat conflict was at the top or close to the top of our index for quite a while,\u201d says Dahbura, pointing out prior incursions such as Russia\u2019s high-profile, debilitating attack on Ukraine\u2019s power grid back in 2015.<\/p>\n

There are numerous other international disputes that have the potential to play out in the cybersphere rather than as conventional warfare. For example, Egypt is currently at odds with Ethiopia over a dam project that it believes will interfere with Egypt\u2019s water access, and in 2020, Egyptian hackers took over various Ethiopian government websites to issue a series of pointed threats.The CAPI team assesses the likelihood of each of these conflicts erupting into a cyberattack based on five factors for any given pair of potential \u201caggressor\u201d and \u201cdefender\u201d states. These include the aggressor\u2019s motivation and capacity to mount such an attack, their fear of retribution, whether cyberwarfare is part of a broader national security strategy, and the vulnerabilities of the defender. Each of these factors is given a score from one to five, producing a total that reflects the relative likelihood of a future incident. Higher scores indicate higher risk, and the Russia-Ukraine dyad recently achieved the dubious honor of receiving the first \u201c25\u201d score since CAPI\u2019s inception in late 2020.<\/p>\n

The index is primarily intended as a public resource, to inform and educate general audiences about this rapidly evolving component of international relations and security, but Dahbura also sees the CAPI program as an important educational opportunity. All the rankings are generated by a review board composed of students from the Whiting School\u2019s computer science program and the Krieger School of Arts and Sciences\u2019 international studies program, with each student assigned a particular region of the world to monitor.<\/p>\n

\u201cI\u2019m really big on empowering undergraduates,\u201d Dahbura says. \u201cThey have so much talent, so much potential, and really relish the opportunity to be involved in these kinds of efforts.\u201d After the students present their findings at a weekly meeting with Thompson and Dahbura, the group revises the CAPI rankings accordingly. \u201cSadly, there are many more additions being made to the list than deletions,\u201d says Dahbura.<\/p>\n\"\"<\/a>\n

 <\/p>\n

 <\/p>\n

 <\/p>\n

 <\/p>\n

 <\/p>\n

One commonly used weapon in the cyberattack arsenal is ransomware, which employs malevolent code to lock up or steal a victim\u2019s files. Depending on the nature and sensitivity of the ensnared data, the attackers may threaten to either erase or broadly disseminate their ill-gotten goods unless paid a sizable bounty\u2014typically in some form of cryptocurrency.<\/p>\n

Falco\u2019s group is focused on limiting the impact of such attacks in the context of aerospace systems, utilities, and other essential services. \u201cWe try to make sure that things that are operationally critical to different infrastructures are secure,\u201d he says, citing such examples as energy providers and the aerospace industry. Early 2021 saw one such attack, when a group of Russia-based hackers known as DarkSide managed to infiltrate and essentially shut down the computer network of the Colonial Pipeline, which provides 45% of the oil supply for the eastern U.S.<\/p>\n

In this particular attack, the company promptly paid the ransom\u2014$4.4 million worth of Bitcoin\u2014and received a decryption tool to recover its lost data. But Falco warns that modern ransomware attacks have taken a darker and more nihilistic turn, at least at the level of state-sponsored or -approved incursions. \u201cThey\u2019re not trying for the money,\u201d he says. \u201cThey’re really going after the control, and they’re trying to shut you down and make chaos\u2014and they\u2019re pretty good at it.\u201d Even a day or two without service could be disastrous for a financial service company, air traffic control system, law enforcement agency, or energy provider.<\/p>\n

\"\"<\/a>A key challenge with fending off ransomware is that it primarily exploits human vulnerabilities, such as an employee being tricked into clicking a link that allows malware to install. Smarter network design could help limit the damage, however. Falco highlights \u201czero trust\u201d network architectures as one solution.<\/p>\n

\u201cThat basically means that you should always assume that someone\u2019s in your system when you\u2019re doing something and act with the knowledge that you can\u2019t trust even your own systems for things,\u201d he says. This is in contrast to conventional architectures, where trust is baked in and infiltration of one node can give a bad actor ready access to the rest of the network.<\/p>\n

But Falco also warns that there is no single strategy that guarantees protection and that vulnerable organizations should pursue multiple parallel strategies and backup plans that evolve along with the threats they encounter. \u201cYou have to just assume you\u2019re going to get hit, with a lot of cuts over a long period of time,\u201d he says. \u201cAnd you just have to have a whole bunch of ways around the way you\u2019re going to get hit.\u201d<\/p>\n

\"\"<\/a><\/p>\n

From time to time, random civilians might fall prey to a ransomware attack, and Falco notes that the ability to purchase prewritten ransomware code on the so-called dark web can enable attacks of opportunity by dilettante hackers. These are the exception rather than the rule, however. \u201cThe days of ransomware gangs attacking single individuals are probably behind us,\u201d says Joseph Carrigan, senior security engineer at the IAA and the ISI.<\/p>\n

But individuals must be mindful of other vulnerabilities that could expose them to risk from hackers in their day-to-day lives. The rapid proliferation of web-enabled Internet of Things devices is of particular concern.<\/p>\n

\u201cThere are all these devices that we just buy and plug in, and we don\u2019t really think about what constitutes a \u2018thing\u2019 in the Internet of Things,\u201d says Carrigan. A particularly savvy and privacy-minded individual might be aware of the vulnerabilities associated with a \u201csmart\u201d security camera or baby monitor while also forgetting about their smart TV, humidifier, and meat thermometer. \u201cEarly on, a lot of these things were just pushed out without any consideration for security, creating ample opportunities for exploitation,” says Carrigan.<\/p>\n

\"\"<\/a>Some are simply direct violations of privacy, like hijacking device microphones or cameras to record individuals without their knowledge. But Rubin also notes that attacks on these vulnerable devices can expose every other device that happens to be on that same Wi-Fi network, including computers, tablets, or phones with sensitive data.<\/p>\n

\u201cIf someone compromises a device that\u2019s on the inside of a network, like an IoT coffee maker or something, now they have the access to the network that an insider would have,\u201d he says. These intrusions can even be used to quietly rally armies of internet-enabled \u201cbots,\u201d which can then be used to launch far more aggressive \u201cdistributed denial of service\u201d attacks that knock entire businesses or even government institutions offline.<\/p>\n

\u201cWe think we own our own devices, but maybe the device is completely under the control of the Russians or Chinese or someone else,\u201d says Rubin. \u201cThat\u2019s the type of attack that we\u2019ve seen.\u201d<\/p>\n

Rubin\u2019s group is part of a multi-institutional,$10 million research initiative called Security and Privacy in the Lifecycle of IoT for Consumer Environments, which aims to identify and counter vulnerabilities in these increasingly ubiquitous smart devices. One of the initiative\u2019s current priorities is the development of tools to assist in the detection and discovery of networked devices in a given environment\u2014something that can be particularly important with regard to privacy and security in shared living spaces.<\/p>\n\"\"<\/a>\n

In some cases, the threat to your privacy could literally be staring you in the face\u2014or perhaps hovering over your backyard. There are well over half a million consumer-operated drones in the U.S., and although most are engaged in harmless hobby videography, some are being deployed for more nefarious and invasive purposes.<\/p>\n

Lanier Watkins<\/a>, an associate research scientist at the ISI, an instructor in Johns Hopkins\u2019 Engineering for Professionals<\/a> programs, and a member of the senior professional staff at APL, cites the hypothetical example of a backyard pool party where teenagers are lounging and having fun\u2014but a neighbor\u2019s drone is surreptitiously recording the proceedings from the adjacent airspace. Watkins notes that the current market-leading manufacturer of consumer drones, DJI, offers models with an \u201cactive track\u201d mode, which allows them to be trained on and autonomously follow a subject of interest without requiring Wi-Fi support or human intervention. \u201cThe drones are controlling themselves,\u201d he says. This is a great feature for recording a wedding or capturing skateboarding tricks\u2014but also, unfortunately, for would-be stalkers.<\/p>\n\"\"<\/a>\n

In a 2020 study, Watkins and colleagues set about identifying countermeasures against such unwanted aerial snooping. One strategy that proved remarkably effective was a blast of bright light from an LED spotlight. \u201cIf that spotlight is shone directly at the drone for three to five seconds, that causes the drone to kick out of autonomous mode … and it just sits there hovering,\u201d says Watkins. He adds that a similar effect could probably be achieved with a very bright flashlight.<\/p>\n

As an alternative, his team was also able to exploit a restraining mechanism built into consumer drones that prevents them from entering airspace in the vicinity of airports or high-security installations, like military bases or the White House.<\/p>\n

\u201cIt\u2019s called geofencing,\u201d says Watkins. \u201cAnd if you try to fly there, it will land or it won\u2019t respond.\u201d Using a device called a Hack RF One, his team was able to send signals that tricked the onboard GPS systems of DJI drones into thinking they had entered forbidden territory, bringing their autonomous surveillance to an end. Working in collaboration with students at the U.S. Naval Academy, Watkins has also assembled a prototype device that can both detect and immobilize autonomous drones using this kind of GPS \u201cspoofing\u201d attack.<\/p>\n

\"\"<\/a><\/p>\n

However, Watkins also cautions that the same tactics that defend against improperly used drones could also be used to knock out and steal an innocent bystander\u2019s expensive hardware. And as more and more autonomous systems enter the consumer marketplace, cybersecurity researchers will need to be prepared for increasingly sophisticated attacks that either subtly manipulate or overtly sabotage those systems.<\/p>\n

Machine learning has evolved from being just another flashy buzzword to become the backbone of software tools employed in diverse sectors, including health care, finance, security, and transportation. These algorithms are fed huge amounts of training data, which allow them to identify complex patterns that can then be used to analyze and interpret input collected in \u201creal-world\u201d settings. This could include teaching programs to suggest appropriate therapeutic strategies based on a patient\u2019s diagnostic data or educating autonomous vehicles in how to safely follow the rules of the road.<\/p>\n

\"\"<\/a>But there are also numerous ways to game these systems, says Yinzhi Cao<\/a>, an assistant professor of computer science<\/a> and member of the ISI, whose work is focused on identifying and learning how to counter such \u201cadversarial machine learning\u201d strategies. For example, one can \u201cpollute\u201d the training data in a way that skews how the algorithm responds. Cao cites the example of Microsoft\u2019s Tay chatbot experiment from 2016, which was deliberately trained by ill-intentioned Twitter users to spew racist and anti-Semitic abuse. As unpleasant as this experience was, the same style of attack could have far worse consequences in the context of medical software, for example. \u201cIf your diagnosis is wrong, then that could be catastrophic,\u201d says Cao.<\/p>\n

Other attacks take advantage of how machine learning algorithms perform pattern recognition. For example, one can use \u201cpatches\u201d to manipulate images in ways that confuse computer vision software, leading the algorithm to interpret those images incorrectly. Even subtle tricks can have surprising effects; in a 2017 study, Cao and colleagues found that changes in lighting conditions could cause the image analysis algorithms used by an experimental autonomous vehicle to make a potentially deadly mistake. \u201cYou could make a car crash,\u201d says Cao. \u201cLike if it was going left, but then you make it go right.\u201d<\/p>\n

\"\"<\/a><\/p>\n

One of the best ways to defeat adversarial behavior is to think like your adversary. For example, Cao\u2019s team has found that it can make machine learning algorithms more robust by doing its best to deceive and mislead the algorithms. But it is difficult to anticipate every failure mode for a complex system. \u201cAs recently as one year ago, we were up to 40- to 50% accuracy in terms of defending against adversarial examples,\u201d says Cao. \u201cThat\u2019s not very high, and it\u2019s still an open problem that we need people to solve.\u201d<\/p>\n

\"\"<\/a><\/p>\n

Similarly, as new technologies move to the fore, experts already need to begin thinking about what vulnerabilities they might contain. \u201cThe issue is whenever there’s something new and everybody goes, \u2018Ooh, that’s cool,\u2019 malicious actors say the same thing,\u201d says Carrigan. As an example, he cites Silicon Valley\u2019s growing enthusiasm for the so-called metaverse, and virtual and augmented reality interfaces in general. \u201cWhatever the metaverse turns out to be, there will be scams,\u201d he says. And just like with today\u2019s cyberattacks, the stakes could potentially range from violations of personal privacy to actual threats to national security.<\/p>\n

But perhaps the most fundamental issue for the cybersecurity experts is that no matter how sophisticated a piece of technology might be, it\u2019s only as secure as the people who operate it. \u201cThe first kinetic action in 90% of the breaches we see is an email going \u2018Hey, take a look at this\u2019 or \u2018log into this site,\u2019 and then it\u2019s all just credential harvesting or malicious attachments,\u201d says Carrigan. \u201cIt\u2019s a fairly standard list of first steps.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"

Threats to cybersecurity loom large in today’s world, putting us all at risk of being exploited by bad actors. Whiting School experts are focused on spotting cyber vulnerabilities and defending against them–a never-ending task, where the villains’ tactics are evolving just as rapidly as the technology they exploit.<\/p>\n","protected":false},"author":4,"featured_media":17082,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[28],"tags":[],"class_list":["post-16549","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-features","issue-spring-2022"],"acf":[],"yoast_head":"\nThwarting Cyberattacks - JHU Engineering Magazine<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Thwarting Cyberattacks - JHU Engineering Magazine\" \/>\n<meta property=\"og:description\" content=\"Threats to cybersecurity loom large in today's world, putting us all at risk of being exploited by bad actors. Whiting School experts are focused on spotting cyber vulnerabilities and defending against them--a never-ending task, where the villains' tactics are evolving just as rapidly as the technology they exploit.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/\" \/>\n<meta property=\"og:site_name\" content=\"JHU Engineering Magazine\" \/>\n<meta property=\"article:published_time\" content=\"2022-05-24T00:52:59+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-01-04T16:59:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-content\/uploads\/2022\/05\/cursers-alone-1.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"504\" \/>\n\t<meta property=\"og:image:height\" content=\"360\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Abby Lattes\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Abby Lattes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"14 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"NewsArticle\",\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2022\\\/05\\\/thwarting-cyberattacks\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2022\\\/05\\\/thwarting-cyberattacks\\\/\"},\"author\":{\"name\":\"Abby Lattes\",\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/#\\\/schema\\\/person\\\/0244393be370fbc3ead8ec26062e9742\"},\"headline\":\"Thwarting Cyberattacks\",\"datePublished\":\"2022-05-24T00:52:59+00:00\",\"dateModified\":\"2023-01-04T16:59:46+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2022\\\/05\\\/thwarting-cyberattacks\\\/\"},\"wordCount\":2693,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2022\\\/05\\\/thwarting-cyberattacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/wp-content\\\/uploads\\\/2022\\\/05\\\/cursers-alone-1.jpeg\",\"articleSection\":[\"Features\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2022\\\/05\\\/thwarting-cyberattacks\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2022\\\/05\\\/thwarting-cyberattacks\\\/\",\"url\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2022\\\/05\\\/thwarting-cyberattacks\\\/\",\"name\":\"Thwarting Cyberattacks - JHU Engineering Magazine\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2022\\\/05\\\/thwarting-cyberattacks\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2022\\\/05\\\/thwarting-cyberattacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/wp-content\\\/uploads\\\/2022\\\/05\\\/cursers-alone-1.jpeg\",\"datePublished\":\"2022-05-24T00:52:59+00:00\",\"dateModified\":\"2023-01-04T16:59:46+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/#\\\/schema\\\/person\\\/0244393be370fbc3ead8ec26062e9742\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2022\\\/05\\\/thwarting-cyberattacks\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2022\\\/05\\\/thwarting-cyberattacks\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2022\\\/05\\\/thwarting-cyberattacks\\\/#primaryimage\",\"url\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/wp-content\\\/uploads\\\/2022\\\/05\\\/cursers-alone-1.jpeg\",\"contentUrl\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/wp-content\\\/uploads\\\/2022\\\/05\\\/cursers-alone-1.jpeg\",\"width\":504,\"height\":360},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2022\\\/05\\\/thwarting-cyberattacks\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Thwarting Cyberattacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/#website\",\"url\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/\",\"name\":\"JHU Engineering Magazine\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/#\\\/schema\\\/person\\\/0244393be370fbc3ead8ec26062e9742\",\"name\":\"Abby Lattes\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/c56cb7af5427f847aa288542444ba9ff3d2107bf85dc6c6d44a4d1315608258d?s=96&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/c56cb7af5427f847aa288542444ba9ff3d2107bf85dc6c6d44a4d1315608258d?s=96&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/c56cb7af5427f847aa288542444ba9ff3d2107bf85dc6c6d44a4d1315608258d?s=96&r=g\",\"caption\":\"Abby Lattes\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Thwarting Cyberattacks - JHU Engineering Magazine","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/","og_locale":"en_US","og_type":"article","og_title":"Thwarting Cyberattacks - JHU Engineering Magazine","og_description":"Threats to cybersecurity loom large in today's world, putting us all at risk of being exploited by bad actors. Whiting School experts are focused on spotting cyber vulnerabilities and defending against them--a never-ending task, where the villains' tactics are evolving just as rapidly as the technology they exploit.","og_url":"https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/","og_site_name":"JHU Engineering Magazine","article_published_time":"2022-05-24T00:52:59+00:00","article_modified_time":"2023-01-04T16:59:46+00:00","og_image":[{"width":504,"height":360,"url":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-content\/uploads\/2022\/05\/cursers-alone-1.jpeg","type":"image\/jpeg"}],"author":"Abby Lattes","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Abby Lattes","Est. reading time":"14 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/#article","isPartOf":{"@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/"},"author":{"name":"Abby Lattes","@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/#\/schema\/person\/0244393be370fbc3ead8ec26062e9742"},"headline":"Thwarting Cyberattacks","datePublished":"2022-05-24T00:52:59+00:00","dateModified":"2023-01-04T16:59:46+00:00","mainEntityOfPage":{"@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/"},"wordCount":2693,"commentCount":0,"image":{"@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/#primaryimage"},"thumbnailUrl":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-content\/uploads\/2022\/05\/cursers-alone-1.jpeg","articleSection":["Features"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/","url":"https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/","name":"Thwarting Cyberattacks - JHU Engineering Magazine","isPartOf":{"@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/#website"},"primaryImageOfPage":{"@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/#primaryimage"},"image":{"@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/#primaryimage"},"thumbnailUrl":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-content\/uploads\/2022\/05\/cursers-alone-1.jpeg","datePublished":"2022-05-24T00:52:59+00:00","dateModified":"2023-01-04T16:59:46+00:00","author":{"@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/#\/schema\/person\/0244393be370fbc3ead8ec26062e9742"},"breadcrumb":{"@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/#primaryimage","url":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-content\/uploads\/2022\/05\/cursers-alone-1.jpeg","contentUrl":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-content\/uploads\/2022\/05\/cursers-alone-1.jpeg","width":504,"height":360},{"@type":"BreadcrumbList","@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2022\/05\/thwarting-cyberattacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/engineering.jhu.edu\/magazine-archive\/"},{"@type":"ListItem","position":2,"name":"Thwarting Cyberattacks"}]},{"@type":"WebSite","@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/#website","url":"https:\/\/engineering.jhu.edu\/magazine-archive\/","name":"JHU Engineering Magazine","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/engineering.jhu.edu\/magazine-archive\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/#\/schema\/person\/0244393be370fbc3ead8ec26062e9742","name":"Abby Lattes","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/c56cb7af5427f847aa288542444ba9ff3d2107bf85dc6c6d44a4d1315608258d?s=96&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/c56cb7af5427f847aa288542444ba9ff3d2107bf85dc6c6d44a4d1315608258d?s=96&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c56cb7af5427f847aa288542444ba9ff3d2107bf85dc6c6d44a4d1315608258d?s=96&r=g","caption":"Abby Lattes"}}]}},"_links":{"self":[{"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/posts\/16549","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/comments?post=16549"}],"version-history":[{"count":17,"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/posts\/16549\/revisions"}],"predecessor-version":[{"id":17656,"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/posts\/16549\/revisions\/17656"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/media\/17082"}],"wp:attachment":[{"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/media?parent=16549"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/categories?post=16549"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/tags?post=16549"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}