Securing Our Cyberspace

Information technology is pervasive in making our lives so much easier, that is, until we’re paralyzed by a virus invading our home computer or crippled by an enterprise-wide system crash. The larger implications are something we don’t even want to think about: What would happen to your life as you know it if your personal identity were stolen or, worse, some malicious entity hacked into just one component of our critical infrastructure, like the power grid or the air traffic–control infrastructure?

A cybercrime bust that occurred last month, described as the largest hacking and identity theft arrest ever, involved a group engaging in “war driving.” They used specialized software to identify insecurities in retailers’ wireless systems, then accessed 40 million credit and debit card numbers to withdraw hundreds of thousands of dollars in cash. The crime exposes a huge crack running through our information technology systems.

The fix will not happen overnight but, fortunately, computer scientists are working to address both the technical and social challenges of our computer systems security. One such effort, the Team for Research in Ubiquitous Secure Technology (TRUST), which I established with funding from the National Science Foundation in 2005, brings Berkeley together with seven other top universities, including Carnegie Mellon, Cornell, San Jose State, Stanford and Vanderbilt. The goal is to end the current “arms race” between attackers and defenders and develop a new landscape of foundational technology and tools for building trusted infrastructures with privacy safeguards. This will help us make cyberspace a safer place in which to live and do business.

Here at Berkeley, more than a dozen faculty members in our EECS department and in the schools of information, law, public policy and business are involved in TRUST. They include David Wagner, who is investigating software vulnerabilities like those he uncovered in California’s electronic voting machines last fall; Doug Tygar, who is doing research on systems that will protect even the least savvy computer user from clever “phishing” scams and other security breaches; and Vern Paxson, who is working on systems that will help defend against network intrusion and Internet worms.

TRUST can’t do it all. Everyone active in cyberspace must be individually accountable for safeguarding the security of his or her own systems and personal identity. But it’s good to know there are some clever hackers out there who are on our side.

I welcome your thoughts and ideas.

S. Shankar Sastry
Dean, College of Engineering
NEC Distinguished Professor of Electrical Engineering and Computer Sciences
Roy W. Carlson Professor of Engineering
Email Dean Sastry

Upcoming Events

September 17 View from the Top Lecture: Come hear a free talk by Sanjay Mehrotra, Berkeley Engineering alumnus and president & COO of SanDisk.

September 26 Berkeley Engineering Innovation Awards: Join us in honoring Dr. Paul Jacobs, EECS alumnus and CEO of Qualcomm.

October 4 Homecoming 2008: The Science behind the Stadium: Professor Jack P. Moehle, director of the Pacific Earthquake Engineering Research Center, will discuss the seismic and structural engineering issues facing Memorial Stadium.

Topics: EECS, Security & privacy