Cybersecurity Blog

Cybersecurity researchers from across Georgia Tech and the Georgia Tech Research Institute share their thoughts about emerging threats, trends, and technologies in the constant fight to secure data and information systems. Read what's capturing their attention and new insights they offer about cybersecurity topics in the news.

Blog entires are aggregated monthly into the Source Port newsletter, with additional research and updates from Georgia Tech. Source Port is published on the last business day of the month.


Enterprising Hackers Turn to Bitcoin

October 13, 2017  |  By Stone Tillotson

Cyber criminals have found a new avenue to instant riches: mining bitcoins. With the stratospheric rise in the cryptocurrency's value (up 650% in one year), the security firm Redlock reports that enterprising hackers have begun to compromise Amazon Web Services (AWS) accounts to mine bitcoins. The scalable nature of AWS cloud machines gives them an edge over the typical botnet and, by compromising business accounts, the extra processing power allocated might not raise any red flags. In the cases thus far identified, whatever data that might be present in the breached accounts appears to be of, at best, secondary value and is often ignored. This represents a reversal of the typical modus operandi, and with sudden changes like this, companies will need to adjust their threat matrices and skillsets accordingly.

 

IISP Analyst Stone Tillotson: "Hackers respond to incentives just like anyone else, and it shouldn't be too surprising literally making money is more appealing than fencing or ransoming data. But, Bitcoin's meteoric rise and the entailing results fuel questions about the wider direction of cybercrime. Given the quick pace of technological change and cybercrime's marriage to equally volatile currency markets, how will we predict where they go next? Cybersecurity personnel are a limited resource, so hardening every potential target isn't feasible. When rapidly changing incentives push hackers in new directions or bring them back to neglected targets, allocating one's security budget might start to resemble prognostication. Noting this problem starts with economics, economics itself might provide the solution. Microeconomics has been successfully applied to forecast terrorism, perhaps it's time to apply those insights to cybersecurity as well. Add to those insights organizational data and a bit of machine learning, a company might derive a much clearer picture of when and what might be at risk."

 

More...


Comparing Regulatory Approaches Driverless Cars
October 10, 2017

Combosquatting Domain Abuse and Adversarial Graph Clustering Identify New Tricks
September 29, 2017

Senate Says No More Kaspersky
September 21, 2017

Safari Browser Incorporates Intelligent Tracking Prevention
September 21, 2017

WikiLeaks Finally Pokes the Russian Bear
September 21, 2017

It's Time to Make Personal Data Meaningless
September 8, 2017

A Crisis Is An Opportunity: Exploiting Hurricane Harvey
August 31, 2017

Building Blocks for New Attack Against DNA Sequencing
August 31, 2017

After Charlottesville: Registrars, Content Regulation and Domain Name Policy
August 30, 2017

Naval Collision Raises Concerns Over Cyberattack and Hunt for Backup Systems
August 26, 2017

Injecting Backdoors into Deep Neural Networks
August 26, 2017

 


 

About the Analysts

 

Holly Dragoo is a research associate with the Cybersecurity, Information Protection, and Hardware Evaluation Research (CIPHER) Laboratory at the Georgia Tech Research Institute. Her previous work with the U.S. Department of Defense and Federal Bureau of Investigation give her a unique understanding of intelligence community requirements. Dragoo’s research interests include cybersecurity policy issues, threat attribution, metadata analysis, and adversarial network reconstruction. More By Holly

 

 

Brenden Kuerbis, Ph.D., is a postdoctoral researcher at Georgia Tech’s School of Public Policy and a former Fellow in Internet Security Governance at the Citizen Lab, Munk School of Global Affairs, University of Toronto. His research focuses on the governance of Internet identifiers (e.g., domain names, IP addresses) and the intersection of nation-state cybersecurity concerns with forms of Internet governance. More by Brenden

 

 

Joel Odom leads a team of researchers focused on software security as branch head for the Cybersecurity, Information Protection, and Hardware Evaluation Research (CIPHER) Laboratory at the Georgia Tech Research Institute. He and his team research static and dynamic software analysis, software testing techniques, software reverse engineering, and software vulnerability discovery and mitigation. More by Joel

 

 

Yacin Nadji is a post-doctoral researcher in the Astrolavos Lab with Georgia Tech's School of Electrical & Computer Engineering who specializes in botnets, attribution, and applying machine learning to network data. He also has completed research in mobile device security, malware analysis, and web security and is a co-founder of Netrisk, a network-based detection and attribution company. More by Yacin

 

 

Chris M. Roberts is a senior research engineer with the Cybersecurity, Information Protection, and Hardware Evaluation Research (CIPHER) Laboratory at the Georgia Tech Research Institute specializing in embedded firmware reverse engineering and hardware analysis.  Mr. Roberts’ technical expertise has expanded to cover radio frequency system design, electronic and cyber warfare, hardware and firmware reverse engineering, vulnerability assessments of embedded systems and assessment of vulnerability to wireless cyberattacks. More by Chris

 

 

Stone Tillotson is a research scientist with the Cybersecurity, Information Protection, and Hardware Evaluation Research (CIPHER) Laboratory at the Georgia Tech Research Institute, where he develops applications for security involving attack/defense simulations, social media affinity mapping, and transitioning teams to Agile development. His focus includes design and development of front-end, back-end, and the data layer with considerations for architecture, design patterns, and user experience. More by Stone