Cybersecurity Blog

Cybersecurity researchers from across Georgia Tech and the Georgia Tech Research Institute share their thoughts about emerging threats, trends, and technologies in the constant fight to secure data and information systems. Read what's capturing their attention and new insights they offer about cybersecurity topics in the news.

Blog entries are aggregated monthly into the Source Port newsletter, with additional research and updates from Georgia Tech. Source Port is published on the first business day of the month.

Sheltered Harbor Prepares Banks for Catastrophe

December 11, 2017  |  By Joel Odom

Not only is the U.S. financial system a critical component of national survivability, but consumer confidence in the system is critical to its stability. Whether due to a malicious hack or to an unexpected technical catastrophe, a failure of a bank's computing infrastructure would cripple a bank's ability to process transactions; it also would destroy consumer confidence in the bank. The ripple effects of such a failure could severely erode consumer confidence in the larger financial system.

The likelihood of such a catastrophic cyber attack is difficult to predict, but, to prepare for the worst, banks are joining together in a partnership called Sheltered Harbor, which creates a way for banks to quickly move customers from a crippled bank to a backup bank. The idea is that if the crippled bank suffers a catastrophic failure and cannot process transactions, the backup bank would be able to assume customer accounts, providing the affected customers access to a working bank in a timely manner.

Sheltered Harbor describes itself as "a not-for-profit industry-led initiative founded by 34 financial institutions, clearing houses, core processors and industry associations, collectively representing a significant percentage of the retail banking and brokerage accounts in the U.S."  Financial institutions participating in Sheltered Harbor must archive their customer data in a standardized format so that restoring institutions can load the data into their systems expeditiously.


IISP Analyst Joel Odom: "This is a smart idea. As someone who tracks the cyber landscape closely, I don't lose sleep over the possibility of a catastrophic attack on critical functions such as banking or energy, but I do think that it could happen. My hope is that if a catastrophic attack (or other disaster) does happen, the affected function will be able to recover before too much damage is done.

It's easy for cybersecurity researchers such as myself to get lost in the technical details of detecting and preventing cyber attacks, but technical controls are not enough. Technical controls will fail, unexpected scenarios will arise, and some disasters will occur despite our best attempts to secure our systems. We must plan accordingly. Ships should carry lifeboats. Consumers should carry life insurance. Cities should perform disaster planning. Planning for a cyber catastrophe is one important part of cyber resiliency and business continuity. This kind of continuity planning is especially important for critical functions such as banking and voting, where public confidence in the system is of high importance."







About the Analysts


Holly Dragoo is a research associate with the Cybersecurity, Information Protection, and Hardware Evaluation Research (CIPHER) Laboratory at the Georgia Tech Research Institute. Her previous work with the U.S. Department of Defense and Federal Bureau of Investigation gives her a unique understanding of intelligence community requirements. Dragoo’s research interests include cybersecurity policy issues, threat attribution, metadata analysis, and adversarial network reconstruction.



Brenden Kuerbis, Ph.D., is a postdoctoral researcher at Georgia Tech’s School of Public Policy and a former Fellow in Internet Security Governance at the Citizen Lab, Munk School of Global Affairs, University of Toronto. His research focuses on the governance of Internet identifiers (e.g., domain names, IP addresses) and the intersection of nation-state cybersecurity concerns with forms of Internet governance.



Joel Odom leads a team of researchers focused on software security as branch head for the Cybersecurity, Information Protection, and Hardware Evaluation Research (CIPHER) Laboratory at the Georgia Tech Research Institute. He and his team research static and dynamic software analysis, software testing techniques, software reverse engineering, and software vulnerability discovery and mitigation.



Yacin Nadji is a post-doctoral researcher in the Astrolavos Lab with Georgia Tech's School of Electrical & Computer Engineering who specializes in botnets, attribution, and applying machine learning to network data. He also has completed research in mobile device security, malware analysis, and web security and is a co-founder of Netrisk, a network-based detection and attribution company.



Chris M. Roberts is a senior research engineer with the Cybersecurity, Information Protection, and Hardware Evaluation Research (CIPHER) Laboratory at the Georgia Tech Research Institute specializing in embedded firmware reverse engineering and hardware analysis. Mr. Roberts’ technical expertise has expanded to cover radio frequency system design, electronic and cyber warfare, hardware and firmware reverse engineering, vulnerability assessments of embedded systems and assessment of vulnerability to wireless cyberattacks.



Stone Tillotson is a research scientist with the Cybersecurity, Information Protection, and Hardware Evaluation Research (CIPHER) Laboratory at the Georgia Tech Research Institute, where he develops applications for security involving attack/defense simulations, social media affinity mapping, and transitioning teams to Agile development. His focus includes design and development of front-end, back-end, and the data layer with considerations for architecture, design patterns, and user experience.