Cybersecurity Story Archives - West Virginia Public Broadcasting

‘WVU Day’ At Capitol Focuses On Workforce Development

Tuesday was WVU Day at the Capitol, and the growing public, private and academic partnership in workforce development was the leading theme on display.

Adorned in blue and gold, many of the capitol rotunda displays focused on technology advancement, a key component to the state’s desire to develop a workforce ready to meet the demands of a high tech future.

However, WVU President Gordon Gee said, contrary to popular opinion, a WVU liberal arts education has not taken a back seat to workforce development.

“We’re a very balanced institution,” Gee said. “We have 300 plus programs across the spectrum, but we think that it’s important, whether you’re a liberal arts graduate, or whether you’re an engineering or STEM graduate, that you stay in West Virginia and take the jobs we have. We have over 30,000 jobs available for young people. And so that is really our focus. We can’t grow West Virginia without growing our workforce.”

Gee did agree there are two tiers to academic workforce development. The high tech tier, a high demand degree in cybersecurity for example, and the vocational trades tier, the skilled jobs on the ground that combine tech and tools at places like NUCOR Steel and Form Energy.

“Some jobs are really available for people who really just want to go out and make certain that they have a good opportunity,” Gee said. “Unlike other jobs that require a lot of education. And the thing that is very important about West Virginia is the fact that we’ve crossed the digital divide with LG coming here. We have both hands on jobs with our steel mills coming or our energy programs, but now we have cybersecurity jobs and jobs that are unusual for an energy state.“

Gee said people can expect to see a lot more public-private-educational partnerships in West Virginia’s future.

“I think it will grow because of the fact that no one has enough money to do everything,” Gee said. “What we have to do is we all have to draft off from each other. Besides, I think it’s important, with the private sector, they tell us what they need, and the public universities need to produce. And it’s that partnership that I think will prevail.”

Making Air Traffic Reliable And More Secure Subject Of Shepherd University Research

At Shepherd University we’ve built our own traffic control system, and we are using that to see how we can apply artificial intelligence to make the airspace more manageable by the air traffic controllers. We help with things like we help with traffic congestion prediction, traffic optimization, and also handling a lot of drone traffic, or unmanned aerial vehicles.

A Shepherd University professor is overseeing research to make aircraft communication more secure.

The research was presented at the 63rd Annual Conference of the International Association for Computer Information Systems. It has also been published in several publications subsequently attracting the attention of the country’s national defense contractors.

Assistant News Director Caroline MacGregor sat down with Assistant Professor of Business Administration George Ray to talk about his cutting-edge research.

This interview has been lightly edited for clarity.

MacGregor: Professor Ray – thank you for joining me. Your research is focused on making the skies more secure, not only in the interest of the general public but also from a national security standpoint. Tell me what motivated this area of study.

Ray: I started the most recent round of this research around five years ago and I’ve just had a continuing interest in it. I was a computer and communications officer in the United States Air Force for eight years and that’s where I first started but we were using different equipment. I was in the Air Force 40 years ago. Prior to that I was in the United States Marine Corps. Quite a lot has changed. The ability to use PCs to collect data real time and process it in real time kind of got my interest five years ago and that’s when I started working on it.

MacGregor: You talk about the National Airspace System – a network of controlled and uncontrolled airspace, both domestic and international. The NAS essentially has an enormous responsibility of managing air traffic. What role does cybersecurity play in the national airspace?

Ray: Shepherd University has a national airspace cyber security laboratory. We consider the national airspace to be part of the national cyber infrastructure because the avionics that are used in air traffic management transplant digitally encoded messages over a data link service, similar to how we are communicating now over a data link. So, we’re focusing on collecting the communications in the airspace transmitted by surveillance radars, transmitted by aircraft, by GPS (Global Positioning System) satellites and we build at Shepherd custom instruments so we have a data driven approach to analyzing the national airspace.

MacGregor: You commented that most people do not consider the airspace as a cyber system that is vulnerable to hacking attacks. What do you mean?

Ray: I think it’s more that they realize the national airspace is vulnerable to these attacks but it’s not considered part of the cyberinfrastructure. We look at this as being part of the cyber infrastructure, again digitally encoded messages over a data link service and those are the ones most of the investment dollars from the National Science Foundation are going into – protecting things like power stations and the data communication networks we use for finance and so on. But we think this is just as important an infrastructure and it is a cyberinfrastructure.

MacGregor: What are some of the different techniques used by hackers to attack the network – for example, the “replay” attack. What is this and what are some mitigation measures for countering these attacks?

Ray: The replay attack is where an attacker will record messages at one time and then replay them at a later time. The purpose is to create confusion in that particular system. So in the National Airspace System they might record avionic traffic ADS-B (Automatic Dependent Surveillance Broadcast), and that’s where the aircraft gives its state information: its position, its velocity. It might record those and at a later time replay that. The purpose is to create confusion in the air traffic control management. So you might have an aircraft that looks like it’s heading into a collision with another aircraft. It’s a form of spoofing attack, where the hacker is pretending to be a legitimate node in the network and in fact they’re there to cause confusion.

MacGregor: What interest are you finding on the national level for your research?

Ray: We’ve had interest from defense contractors that work on the national level. So we are in communication with several organizations that are part of the Department of Defense community, and we are working with them. There was a headline in the New York Post just a few weeks ago about GPS hacking, another one of the avionic systems like ADS-B and the headline was “Hackers are attacking the GPS and experts don’t know what to do about it.” So we’re looking at things like that as well. Some of the research we’re doing is looking at taking radio frequency signals and decomposing them into their phase and quadrature components and then analyzing patterns in those to detect if we have GPS spoofing or maybe even ADB-S spoofing going on.

MacGregor: Tell me more about other specific cyber attacks or hacking incidents.

Ray: There’s a couple of them, eavesdropping is one. That’s where you’re listening to broadcast messages and you’re not authorized to do so. Another is jamming and that’s where you have a denial-of-service attack where you at a particular frequency, for example, ADS-B transmits at 1090 megahertz, you broadcast a powerful transmission at that frequency and it jams the communications, nothing gets through. And then spoofing, again, is another form of hacker attacks where you pretend to be a legitimate node and decentralized identity solution for websites and applications on the network, but you’re not, and the attack is where you create a false position or other spatial information.

MacGregor: How difficult is it for the Air Force as well as commercial pilots to respond to these incidents?

Ray: The Air Force has a very good training in this area but you are dealing with sentient opponents, people who are able to see what you are doing and then counter that. And that’s just the nature of the competition. We’re seeing a lot of this in the Ukrainian war, systems are effective for a while, but then counter measures come into play and they lose their effectiveness. So it’s definitely an ongoing competition that is between sentient actors.

MacGregor: This includes attacks on satellite systems and capabilities which we’ve seen are vulnerable to attack during wartime as you just alluded to. What other areas are prone to attack?

Ray: Yes, that’s correct. And there’s other satellite systems as well, GPS is a satellite system, it’s part of the GNSS (Global Navigation Satellite System) where several other countries have put up similar systems to GPSA. All of these systems are vital for transmitting information so they’re all vulnerable to hacking attacks of various kinds. All of them transmit on certain frequencies that can be jammed.

MacGregor: With the addition of drones using the country’s airspace, what are the risks for air traffic controllers already under intense pressure to provide key information and communication support for pilots?

Ray: There’s another side of the National Airspace System and it’s the commercial side where we are not necessarily concerned about hackers attacking it but just the stable and effective operation of the system itself. Putting a lot of drones into the National Airspace System is going to have a couple of problems. The main one is the air traffic control systems we have aren’t able to handle that, the air traffic controllers are overwhelmed.

MacGregor: So as air traffic control becomes more critical, it sounds like your research is going to be instrumental in lessening the occupational stress of this job in the future.

Ray: That has always been an extremely stressful job and it’s only become more stressful as air traffic has increased, but I think the key thing is it’s getting the point where a person is no longer able to handle the air traffic that’s going to be coming in in the near future, much less the drone traffic you add onto that. I think we definitely need to do things to help the air traffic controller do their job a lot more effectively.

MacGregor: How big is your team at Shepherd University and where do you see this research heading?

Ray: Right now we’re a fairly small crew but we’re also connecting with these defense contractors so we could expand that dramatically because they have a great deal of funding. The other thing is, right now at Shepherd University we’re building a Science DMZ (secure computer subnetwork) through a grant from the NSF. This will enable us to share our datasets and coding with other researchers and then also access large government databases at NASA or the Department of Defense. A Science DMZ is a specially configured network that provides for the transfer of large quantities of data very quickly.

We’re making the steps we need to make sure we can get into this next level so we’ll really increase the contributions we can make, and therefore the staff we’ll have working.

MU Cybersecurity Program Ranks Second In U.S.

According to a Fortune Magazine ranking, one of the best places in the country to earn an online Master’s Degree in Cybersecurity is from Marshall University.

Cybersecurity is a growing field as companies large and small need to protect computer systems from hackers and viruses.

According to a Fortune Magazine ranking, one of the best places in the country to earn an online Master’s Degree in Cybersecurity is from Marshall University.

The program covers advanced cryptography, cybersecurity policy, cyber risk and vulnerability, cyber operation, wireless network security, web/mobile security, software security, security in Internet of Things (IoT) and other topics.

Marshall’s 30-credit-hour program, which cost $509 per credit, is offered through the College of Engineering and Computer Sciences and does not require applicants to submit a GRE score for admission. Marshall’s program uses the latest security tools and technologies to teach advanced topics in cybersecurity.

The program’s ranking “is a testament to the hard work that the faculty put in to make sure their courses are a blend of theory and practice,” said Dr. Paulus Wahjudi, professor and chair of the Department of Computer Sciences and Electrical Engineering at Marshall.

“The field of cybersecurity is one of the fastest growing fields and the demand is very high. This is a great opportunity for anyone who is interested in advancing their career in the field of computing,” he said.

According to the report, Marshall accepted 66 percent of applicants for the 2022-23 academic year. Students had an average GPA 3.75 coming into the program.

Visit the program website for more information.

Cybersecurity Workforce Training Planned At Glenville State University

The program’s aim is to create a sustainable economic future for West Virginia’s coal-impacted north central region. Anyone living in north central West Virginia in counties defined as “distressed” or “at-risk” can receive free training and certification in cybersecurity-related fields.

Glenville State University is partnering with the Appalachian Regional Commission to offer residents in distressed counties free cybersecurity training.

Demand for people with cybersecurity skills in West Virginia and other states is climbing steadily and that trend is projected to continue.

“Our POWER grant with ARC allows for the development of free boot camps, and will provide each participant with all the training materials, study guides and exams at no cost,” Peggy Runyon, Glenville State’s project director for the initiative, said.

Participants in identified counties will receive training and eventual certification in cybersecurity-related fields.

“We are making strong efforts to bring the training to the people in these counties,” Runyon said. “This training would cost several thousand dollars if you were paying for it out of pocket, so I sincerely encourage individuals to take advantage of this exclusive opportunity.”

West Virginia counties defined as “distressed” or “at-risk” include Barbour, Braxton, Calhoun, Clay, Doddridge, Fayette, Gilmer, Grant, Greenbrier, Harrison, Lewis, Mercer, Nicholas, Pocahontas, Ritchie, Roane, Summers, Tucker, Upshur, Webster and Wirt. Other West Virginia counties will be considered as well.

The first class, CompTIA Network+ is scheduled from 9 a.m. to 5 p.m. Saturday, June 24; Sunday, June 25; and Saturday, July 1. No prerequisites are required but seating is limited.

The free training program is made possible through a Partnerships for Opportunity and Workforce and Economic Revitalization grant for the university’s Cybersecurity and Safety Workforce Development Initiative.

A total of $1,402,408 in local and federal funding is being provided for the project.

To sign up for the course or for more information, contact Peggy.Runyon@glenville.edu or call (304) 462-6383.

Marshall University Hosting Legislative Interim Committee Meetings

The May installment of 2023 legislative interim committee meetings will take place on Marshall’s Huntington campus beginning on Sunday.

Sara Payne Scarboro, Marshall’s associate vice president of Government Relations, said the university welcomes the opportunity to showcase its campus and local community partnerships.

“We will highlight the wonderful things and growth going on in the city, county and here at Marshall,” Scarboro said. “Our good friends up north at WVU, they had the opportunity to host the legislature last year. Now it’s Marshall’s turn, and we are eager to make them welcome.”

Several meeting agendas highlight Marshall programs including health care, cybersecurity and aviation. Scarboro said meeting topics, including presentations from Huntington and Cabell County leaders, are all part of an economic development focus.

“All roads lead to economic development and job creation and keeping our talent in the Mountain State,” Scarboro said. “We wanted to have an opportunity to tell that story, how Marshall University is leaning in to help our state lawmakers create jobs, keep jobs and keep our students here in West Virginia.”

Scarboro said planned lawmaker field trips during interims include visits to The Keith-Albee Performing Arts Center and the Nucor steel plant site in nearby Mason County.

“We’re going to go to Nucor on a site visit to talk with industry leadership, we’re going to examine Route 2, and how infrastructure is important to further develop that venue and that road setting for future business development.”

Scarboro said she hopes lawmakers leave Huntington with an understanding that Marshall is an economic development partner to the state, with a seat at the table.

Interims run Sunday, Monday and Tuesday. Click here for a listing of meeting times and agendas.

Berkeley County Schools Close Following Network Outage, Safety Concerns

Students in Berkeley County stayed home from school Monday following a “security incident” Friday involving a network outage that limited IT operations.

Students in Berkeley County stayed home from school Monday following a “security incident” Friday involving a network outage that limited IT operations.

The county school district is currently trying to restore access to the network, working with both cybersecurity professionals and local law enforcement to find the cause of the incident. The county is also investigating if any personal data from students was compromised.

“Answering this question is a key objective of our investigation,” County Superintendent Ronald Stephens said in a public statement. “If it is determined that there was unauthorized access to sensitive personal information, we will notify individuals in accordance with applicable laws.”

Stephens said the county would also provide resources to families to help protect against potential information misuse, if such a problem arises. Berkeley County Schools services 19,722 students, according to its Facebook page.

An emailed statement from Berkeley County Schools Communications Director Elaine Bobo to West Virginia Public Broadcasting said they will provide an update once the investigation is complete and the network is back online.

“We want our students and the community to know that we place a high value on maintaining the integrity and security of the data we hold in our systems, and we are working diligently to restore operations and furthering our investigation of the incident,” Bobo said. “We will provide an additional update once the restoration process and our investigation are complete.”

A follow-up release Monday afternoon announced schools would reopen Tuesday while the investigation continues.