Cyber
The Next Frontier

Become part of a critical layer of cyber defense. Cybersecurity positions will make up 45% of all US tech job openings.

The National Security Agency designated the University of Arizona's Cyber Operations program as a Center of Academic Excellence in Cyber Operations (CAE-CO). With this designation, UA joins an extremely exclusive group of only 24 cyber programs in the nation. The NSA's CAE-CO designation demonstrates that UA's Cyber Operations program meets the most demanding academic and technical requirements.

The Bachelor of Applied Science in Cyber Operations prepares graduates for cyber-related occupations in defense, law enforcement, and private industry.

Our curriculum includes both offensive and defensive cyber security content delivered within our state-of-the-art Virtual Learning Environment to ensure our students have extensive hands-on experiences to develop the knowledge, skills, and abilities necessary to succeed after they graduate.


Program News

DoD Cyber Scholarship Program (CySP)

The DoD CySP is a yearly scholarship program aimed at Juniors and Seniors pursuing a bachelor’s degree in cyber-related academic disciplines. The CySP is a 1-year scholarship, which grants selected Cyber Scholars tuition and mandatory fees (including health care), funding for books, a $25K annual stipend, and guaranteed employment with a DoD agency upon graduation.

Cyber News

Thursday, April 25, 2024 - 03:00
Campaigns and political parties are in the crosshairs of election meddlers

Foreign nations, criminal hacking groups and other malicious actors looking to influence elections have dedicated fewer resources to directly targeting or hacking election infrastructure and have shifted toward attacking major players in the electoral ecosystem, such as campaigns, political parties, news outlets and social media, according to a report released Thursday by Mandiant and Google Cloud.

Attacks on voting machines and election systems, the hacking of political campaigns and election officials, and online information operations continue to pose threats to the integrity — or perceived integrity — of the democratic process. And Thursday’s report details how the threat landscape facing elections has become more complex and multifaceted over the past decade.

But its authors also caution that it is important not to overstate the influence of groups seeking to undermine elections. 

“Many of their operations follow a familiar formula: attacks with limited practical effects are exaggerated for maximum psychological impact,” John Hultquist, chief analyst at Google Cloud, said in a statement. “We will have to strike a balance between preparing for these threats while also being careful not to exaggerate their impacts.”

The rapid proliferation of machine learning systems has stoked fears that such technology will be used to manipulate elections, but the report cautions that it remains to be seen how newer threats, such as deepfakes and other forms of AI-generated disinformation, may impact elections and voter behavior.

The report concludes that the unauthorized access or theft of data, hack-and-leak operations and distributed denial of service attacks represent the most likely attack vectors for the 2024 elections. The likelihood of cyber-enabled vote tampering remains low but also has the greatest potential impact, according to the report.

Based on observations from past election cycles, the report suggests that foreign intelligence services, domestic actors and hacktivist groups are likely to combine multiple types of attacks for a more “layered” approach.

Mandiant believes Russia poses the greatest threat to upcoming elections in the U.S., U.K. and Europe, with Moscow showing a willingness and intent to directly target and influence outcomes. China, Iran and North Korea were all deemed more moderate threats that are primarily interested in cyber espionage and influence operations that spread favorable narratives about their own countries.

But experts caution that reaching audiences through influence operations is now more difficult, as democratic governments and technology companies have become more adept at spotting and exposing them.

“This isn’t 2016. Though there are more actors in play, many are struggling to build and maintain influence in an environment where their operations are regularly identified and removed,” said Hultquist, referring to Russia’s hack-and-leak operations and efforts to influence U.S. voters on social media.

The shift by malicious groups away from targeting election infrastructure comes on the back of efforts to address the vulnerability of voting machines, voter registration systems and other parts of election infrastructure. Efforts by states, the Cybersecurity and Infrastructure Security Agency and Congress to replace paperless voting machines and harden physical and digital protection of election systems across the country in 2018 and 2020 may have helped to reduce the attack surface facing many of these technologies.

“I actually think we’re in much better shape today than we were in 2016, for example, on the electoral infrastructure side,” Michael Daniel, a White House cybersecurity adviser during the Obama administration, said this week during a discussion on election security hosted by Defending Digital Campaigns.

Nevertheless, traditional election security concerns are far from irrelevant. With former President Donald Trump claiming widespread voter fraud in the 2020 election, the integrity of the voting process, the security of voting machines and how votes are tallied remain under intense scrutiny. Trump’s claims of fraud have been repeatedly debunked, but his insistence that the 2020 vote was rigged has placed election administrators under a microscope and bred deep skepticism among many voters about the integrity of American elections.

To push back on theories of a deep state cabal that controls the voting process, election officials across the country increasingly are holding events with the public and media to inspect voting machines, to sit in on audits and the certification of voting tallies and to meet election officials.

Some voting integrity activists have expressed concern that in the wake of Trump’s falsehoods about 2020, Democrats and election security advocates have become too reluctant to push for more transparency or safeguards around voting and election infrastructure, for fear of giving oxygen to the more outlandish and unfounded theories around voter fraud.

Marilyn Marks, executive director for the Coalition for Good Governance, which is suing Georgia election officials in an effort to replace voting machines statewide that they say are unsafe and vulnerable to hacking, told CyberScoop last month that such efforts are more important than ever in order to credibly beat back past and future claims of rigged elections.

If bad actors “don’t hack the system, [Republicans are still] going to claim it’s hacked, and you cannot know,” Marks said. “They can make these wild claims that may or may not be true, and we’ll never know.”

Meanwhile, political campaigns are viewed as particularly vulnerable to groups looking to meddle in elections, foreign spying operations and run-of-the-mill cyber criminals. Campaigns often rely on high-profile political operatives who may go on to hold important government positions, have access to valuable or sensitive data that would interest foreign intelligence services and can function as vectors for damaging hack-and-leak operations.

Cybersecurity operations for political campaigns are also volatile and ad hoc, relying on shifting personnel, shoestring budgets and uncertain funding. 

Mick Baccio, who served as chief information security officer for Pete Buttigieg’s presidential campaign, said the financial and operational realities of a political campaign make cyber services difficult to secure. Services like endpoint detection must be bought on a month-to-month basis, and cybersecurity is rarely a priority. 

“It was me and maybe one other person that was a security team for a presidential campaign, and that’s at the top of the table,” Baccio said. “So when the money comes down, [the resources] are really not there.”

The post Campaigns and political parties are in the crosshairs of election meddlers appeared first on CyberScoop.

Wednesday, April 24, 2024 - 15:15
CISA ransomware warning program set to fully launch by end of 2024

The Cybersecurity and Infrastructure Security Agency plans to fully launch by year’s end an automated vulnerability warning program to alert organizations that are running software with vulnerabilities being exploited by ransomware gangs, the agency’s director, Jen Easterly, said Wednesday.

Currently running in a pilot phase, the program is mandated by the Cyber Incident Reporting for Critical Infrastructure Act of 2022 and aims to reduce the number of ransomware attacks by getting the owners and operators of vulnerable systems to patch them before they can be infiltrated. 

“The warning pilot is focused on reducing the prevalence of ransomware by using our vulnerability scanning tools to let businesses know if they have vulnerabilities that need to be patched,” Easterly said at an event hosted by the Institute for Security and Technology.

Easterly said that the agency has issued 2,049 warnings since the pilot was launched in January of last year. It has since expanded to include CISA’s database of known exploited vulnerabilities as well as common misconfigurations that can be linked to ransomware attacks. 

Though breaches carried out by state-backed hackers tend to garner the most attention, ransomware attacks are arguably a more immediate, urgent threat. A recent ransomware attack on the payment processor Change Healthcare crippled parts of the U.S. health care system, and on Monday the company warned that the sensitive and personal health information stolen in the breach could impact a “substantial portion” of the U.S. public.

In order to be alerted, Easterly said that organizations need to be signed up for CISA’s free cyber hygiene scanning tool but said the agency might also reach out if vulnerable devices are found on an internet-scanning service, such as Shodan. She said CISA would use its administrative subpoena power to alert organizations with vulnerable devices that are internet-facing. Around 7,000 organizations have signed up for the pilot.

The post CISA ransomware warning program set to fully launch by end of 2024 appeared first on CyberScoop.

Wednesday, April 24, 2024 - 10:28
FCC wants rules for ‘most important part of the internet you’ve probably never...

The Federal Communications Commission is set to vote Thursday on restoring landmark net neutrality rules that the commission says will strengthen its footing to write more cybersecurity regulations, but industry and some cyber-focused organizations have warned that those potential new rules could lead to less security, not more.

As part of its bid to reinstate the net neutrality rules, the FCC envisions being better positioned to take action to protect what FCC Chairwoman Jessica Rosenworcel and Cybersecurity and Infrastructure Security Agency Director Jen Easterly described in a blog post last year as “the most important part of the internet you’ve probably never heard of” — the Border Gateway Protocol, or BGP.

BGP is a set of technical rules for internet data routing, and Rosenworcel and Easterly argued last year that the U.S. is “lagging behind” on BGP security.

“BGP does not include explicit security features to ensure trust in exchange information,” they wrote. “As a result, an adversary may deliberately falsify BGP reachability information to redirect traffic, and state-level actors have been suspected over the years of exploiting BGP’s vulnerability to hijacking. These ‘BGP hijacks’ can expose personal information, enable theft, extortion, and state-level espionage, and disrupt security-critical transactions, including in the financial sector.”

The FCC first raised the possibility of regulations on BGP in 2022, and discussed it again in the net neutrality rule it released April 4.

“The Commission could consider requiring service providers to deploy solutions to address BGP vulnerabilities, such as BGP hijacks,” the FCC wrote in the proposed April rule. “The agency could also consider establishing cybersecurity requirements for BGP, including ‘security features to ensure trust in the information that it is used to exchange,’ which could prevent bad actors from ‘deliberately falsify[ing] BGP reachability information to redirect traffic to itself or through a specific third-party network, and prevent that traffic from reaching its intended recipient.’”

When the FCC first contemplated regulations on BGP two years ago, USTelecom — which represents companies like Verizon and AT&T — suggested that the FCC’s claims to regulatory authority on the matter were legally dubious.

The FCC wrote in the April 4 document that acting on net neutrality would put the agency “in a stronger position to address vulnerabilities threatening the security and integrity of the Border Gateway Protocol.”

But some question the wisdom of FCC regulations on BGP. The Internet Society, a nonprofit that advocates for an open and secure internet, and the Global Cyber Alliance, a nonprofit focused on reducing cyber risk, recently wrote to the FCC to raise their concerns.

“If the FCC were to proceed and issue regulations about how to address certain security threats, those regulations would stay static,” said John Morris, principal on U.S. internet policy and advocacy at the Internet Society. “Providers would comply with those regulations, and they perhaps would not do anything more than that.”

The Global Cyber Alliance leads an international voluntary industry initiative known as the Mutually Agreed Norms for Routing Security, once led by the Internet Society. “We too would like a secure routing system,” said Leslie Daigle, chief technology officer at the Global Cyber Alliance. “It would be great to see more support for the industry-led effort to achieve that end rather than having to regulate it.”

The two groups also worry that other countries could respond to the FCC action by producing conflicting standards that would fragment the internet, leading to further security risks.

That position also reflects industry concerns about BGP regulation that surfaced when the FCC began exploring the issue in 2022.

“Verizon agrees with nearly all other commenters that the global nature of Internet routing means the United States cannot unilaterally solve its inherent security vulnerabilities, and that mandating adoption of any particular set of technologies or standards would be counterproductive or even harmful,” the company wrote.

Under the Biden administration, a bevy of agencies have produced cybersecurity regulations and directives, but many of those are focused on high-risk targets within a given industry. FCC regulations could impact thousands of internet service providers and networks, Morris said.

Despite the private sector’s skepticism, federal agencies appear to mostly back the FCC’s approach. In 2022, multiple agencies signaled support for the FCC’s efforts to secure BGP.

“We understand that the global nature of the internet increases the challenges associated with making BGP more secure,” the Justice and Defense departments wrote in a joint filing. “From a national security perspective, however, we believe that establishing an industry-wide baseline of BGP security measures would go a long way towards protecting the transmission of U.S.-person data and communications in a constantly changing threat environment. The status quo has not achieved — and cannot achieve — that objective.”

The FCC also suggested that reinstating net neutrality rules could help it take action to address security threats related to the Domain Name System. The Internet Society and Global Cyber Alliance said they’d have similar doubts about the FCC doing so.

Multiple industry groups did not respond to requests for comment on the FCC’s comments about BGP regulation in the April 4 document. The FCC did not respond to requests for comment on the concerns from industry and others.

More broadly, the FCC has made cybersecurity a small part of its pitch for reinstating net neutrality. Some have also questioned other elements of the FCC’s cybersecurity pitch, such as whether it would empower the commission to go after broadband service providers it sees as security risks.

The post FCC wants rules for ‘most important part of the internet you’ve probably never heard of’ appeared first on CyberScoop.

Tuesday, April 23, 2024 - 13:19
Iranian nationals charged with hacking U.S. companies, Treasury and State...

The U.S. government on Tuesday took sweeping action against four Iranian nationals, accusing them of participating in hacking operations that targeted the U.S. Treasury and State departments, defense contractors and two New York-based companies on behalf of the Iranian Islamic Revolutionary Guard Corps (IRGC).

All four were indicted and charged with conspiracy to commit computer fraud, conspiracy to commit wire fraud, and wire fraud. They each face up to five years in prison for the computer fraud conspiracy charge and up to 20 years in prison for each count of wire fraud and conspiracy to commit wire fraud, the U.S. Department of Justice said in a statement.

The four were also sanctioned by the Treasury Department, and the State Department is offering a reward of up to $10 million and possible relocation for any information on three of the men or the companies with whom they’re associated. 

The accused defendants are Hossein Harooni, Reza Kazemifar, Komeil Baradaran Salmani and Alireza Shafie Nasab. The men have various connections to a pair of IRGC front companies, which were used to carry out various aspects of the attacks, according to the Treasury Department: Mehrsam Andisheh Saz Nik (MASN), previously known as Mahak Rayan Afzar, and Dadeh Afzar Arman (DAA).

Harooni was additionally charged with knowingly damaging a protected computer, which could add an additional 10-year prison penalty. Harooni, Salmani and Nasab were also charged with aggravated identity theft, which carries a mandatory consecutive term of two years in prison, the Department of Justice said.

An indictment against Nasab was previously unsealed in February for the same charges, and the State Department had already offered a $10 million reward for information leading to his location.

The men are accused of participating in “a coordinated multi-year campaign to conduct and attempt to conduct computer intrusions” from 2016 through at least April 2021, the Department of Justice said in a statement. The group primarily targeted cleared defense contractors, which are companies authorized to access, receive and store classified information in support of the U.S. Department of Defense.

The group also targeted an unnamed New York-based accounting firm and a New York-based hospitality company, according to the indictment. In total, the group stands accused of targeting more than a dozen U.S. companies, alongside the Treasury and State Departments, according to the State Department’s reward offer.

The Permanent Mission of the Islamic Republic of Iran to the United Nations in New York did not immediately respond to a request for comment.

The post Iranian nationals charged with hacking U.S. companies, Treasury and State departments appeared first on CyberScoop.

Tuesday, April 23, 2024 - 11:21
Democratic operative behind Biden AI robocall says lawsuit won’t ‘get anywhere’

The Democratic operative behind an AI-generated robocall impersonating President Joe Biden that reached thousands of New Hampshire voters earlier this year said he is cooperating with state and federal authorities and that a lawsuit filed against him is without merit — even as he claimed not to have seen it.

In a phone call with CyberScoop on Monday, Steve Kramer said he was currently in Europe “getting political work done” and he had not seen the lawsuit, filed March 14 by the League of Women Voters. That lawsuit accuses Kramer, Texas political marketing firm Life Corporation and telecommunications carrier Lingo Telecom of engaging in illegal voter suppression under the Voting Rights Act and the Telephone Consumer Protection Act. It seeks damages of $500 for each robocall sent to voters in New Hampshire and other states that urged Democrats not to vote in the presidential primaries. 

“I’ve gotten nothing from them, I’ve not been served, I’ve never seen the lawsuit,” he said. 

Kramer repeatedly told CyberScoop that he was unaware of the contents of the lawsuit. However, he also expressed skepticism that the effort would succeed.

“They can go ahead and sue but I’ve got to tell you, they’re not going to get anywhere,” he said. “I know why I did it, I know when I did it, I know how I did it.”

He then questioned the basis under which the lawsuit was brought.

“I don’t even know what they can sue for,” he said. “How can the League of Women Voters sue me when I told Democrats not to vote in the Republican primary? They’re not even allowed to vote in the Republican primary.”

The Biden robocall discouraged Democrats from voting in the New Hampshire primary on Jan. 23, where the incumbent president was competing against primary challenger Rep. Dean Phillips, D-Minn. Kramer was a paid consultant for the Phillips campaign, NBC News reported, and his firm, Get Out The Vote, was paid approximately $269,000 by the Phillips campaign in 2023 and 2024 for ballot access and voter contact services. The Phillips campaign has denied any involvement in the creation of the robocall and said it has since severed ties with Kramer.

While the fake Biden call did not specifically call out the Democratic or Republican primary, it included the lines “we know the value of voting Democratic when our votes count” and “your vote makes a difference in November, not this Tuesday.” It also spoofed the phone number of a former state Democratic party official running a write-in campaign for Biden in the New Hampshire Democratic primary, giving recipients the impression that the call was coming from the president’s supporters.

Kramer said he was cooperating with the New Hampshire Department of Justice, the New Hampshire Attorney General’s office and the Federal Communications Commission “to not only satisfy a subpoena but in the future help them to prevent the kind of artificial intelligence that I’ve tried to prevent.”

He also defended his actions, arguing that the creation of the robocall led to substantial national exposure about the dangers of AI-generated deepfakes, spurred regulatory reforms by the FCC and state governments and pushed lawmakers to take the threat of election-related deepfakes more seriously. He reiterated claims made in previous interviews that the robocall cost $500 to produce and generated “$5 million of media exposure.”

“I can’t name any other campaign or any other event that’s happened for $500 that got the [same] type of regulation change, exposure about the issue as well as the ability for legislators to finally be able to talk about it in their state legislatures,” Kramer told CyberScoop.

James Boffetti, New Hampshire’s deputy attorney general, declined to confirm or deny Kramer’s claims, telling CyberScoop that it is department policy not to comment on active investigations.

A Feb. 6 news release from the state Attorney General’s office did provide substantial details on the ongoing investigation, including the alleged involvement of Life Corporation and Lingo Telecom in the scheme.

No charges have been filed thus far in that case, and Kramer was not mentioned or identified in the Feb. 6 release. Asked for an update on the progress of that investigation, Boffetti again declined comment.

Calls to the FCC for comment were not returned.

Kramer’s claims of ignorance about the lawsuit and its contents came as lawyers for the League of Women Voters submitted filings in New Hampshire district court last week that detailed numerous attempts to serve Kramer or his representatives.

According to a sworn statement submitted to the court on April 18, attorneys for the plaintiffs said they have made “diligent and extensive efforts” to serve Kramer and his legal representation with the lawsuit, including seven unsuccessful in-person attempts at listed work and home offices in New York, Louisiana and Florida.

A sworn statement submitted by Kathy Sullivan, the former New Hampshire Democratic official whose phone number was spoofed in the robocall, claims that Kramer called her on March 14 and accused her of being behind the lawsuit. Sullivan is not listed among the plaintiffs.

In that phone conversation, Sullivan said that Kramer told her that he used her name and phone number in the New Hampshire robocall because he thought she would “do the right thing” and alert the press. Sullivan claims Kramer stated that other campaigns had reached out asking him to do “bad things,” something she “understood to mean running similar deepfake and/or spoofed political robocalls that will threaten or deceive voters.”

Before CyberScoop could ask about the alleged call with Sullivan, Kramer hung up, saying he had to go and to check back with him after he returned to the United States on April 30 or May 1. Follow-up questions about the call sent to Kramer by email were not returned.  

Sullivan previously told CyberScoop that she believes Kramer’s claim that he orchestrated the robocall to raise awareness about deepfakes was not genuine and was an attempt to “cover his tracks” after his involvement became public following the Feb. 23 NBC News article.

The post Democratic operative behind Biden AI robocall says lawsuit won’t ‘get anywhere’ appeared first on CyberScoop.