1/2014

Tracking the trails of cyberattackers

Jarmo Harju

 

“The people trained here will learn the skills and capabilities to ward off cyberthreats,” says Professor Jarmo Harju, who leads the TUTCyberLabs project.

 

TUTCyberLabs is a new research and education platform that intensifies cybersecurity research and provides hands-on training on how to identify cyberthreats and fight cyberattacks.

Cyberattacks can seriously disrupt the critical functions of society by paralysing critical systems, such as communicaton networks, electricity distribution and water supply. In the worst case, police and defence authorities cannot communicate with each other, hospitals do not have enough electricity for vital operations, and the production lines of factories are brought to a standstill. This scenario is possible in a cyberwar.

Cyberthreats range from cybercrime and cyberactivism (hactivism) to cyberespionage and, as the ultimate form, cyberwar.

Hands-on cybersecurity training

“Cybercriminals make money by taking advantage of vulnerabilities in information security, while hacktivists (hacker activists) perform malicious attacks, claiming to make an ethical statement. Furthermore, many countries conduct systematic cyberespionage,” describes Professor Jarmo Harju from the Department of Pervasive Computing at TUT.

“In all of these cases, tracking the trails left by the perpetrators is quite difficult. Recent developments have opened our eyes about the extent of cyberespionage that is going on. Concrete evidence has been leaked about the advanced tools and methods that are being used to obtain information.”

CyberLabs

The TUTCyberLabs research and education platform conducts cybersecurity tests and experiments focused on critical infrastructures. It consists of three cooperating laboratories.

Networking laboratory

  • Equipped with a flexible set of servers, routers, switches, hubs and terminal devices
  • Suitable for building a mini‐internet

Industrial automation cybersecurity laboratory

  • Consists of components related to communication and control of automation systems

Smart grid ICT laboratory

  • Specialises in information and automation systems of power companies of the future, and applications built on top of them
  • The most important component is a power system real‐time simulator.
 

TUTCyberLabs, scheduled to be fully operational by the end of 2014, is a new research and education platform for simulating cyberattacks and defences and for testing the security features of hardware and software. In autumn 2014, TUTCyberLabs will start providing cybersecurity training to TUT students majoring in information security. In 2015, supplementary education training will also become available to external industry professionals. Courses of this type have already been arranged in the industrial automation cybersecurity laboratory of the Department of Automation Science and Engineering with excellent results.

“The people trained here will learn the skills and capabilities to ward off cyberthreats,” says Harju, who leads the TUTCyberLabs project.

Attacking team vs. defending team

A game-like scenario is common in cybersecurity training. Prior to the exercise, vulnerable points are inserted and hidden in a company information network, according to Harju.

“To be able to sabotage the company information system, the attacking team must first detect the vulnerabilities and install malicious code in them. Meanwhile, the defending team tries to protect the company network. To do this, they must be able to spot atypical events and phenomena and deactivate harmful code.”

In real life, cyberattackers may wait even years, trying to find vulnerabilities in their target systems and installing malicious software. At TUTCyberLabs, the timescale is accelerated.

Tackling cyberchallenges in critical systems

A joint project between the Department of Pervasive Computing, the Department of Automation Science and Engineering and the Department of Electrical Engineering, TUTCyberLabs is a unique and boundary-breaking combination of ICT, industry automation and Smart Grid infrastructure expertise. It provides a versatile environment for carrying out active cyberattacks, practicing cyberdefence techniques, searching for vulnerabilities and testing the security of devices, software, applications and system architectures.

“What’s more, it enables the study of interdependencies between critical infrastructures, such as the national grid and communications networks, and allows network monitoring and scanning. Along with identifying and collecting information on different cyberthreats, TUTCyberLabs makes it possible to demonstrate the effects of insufficient cybersecurity,” Harju explains.

Funding from the Academy of Finland

The TUTCyberLabs project has received 540,000 euros of funding from the Academy of Finland through the FIRI2013 call for research infrastructures. The project is steered in close collaboration by Professor Jarmo Harju of the Department of Pervasive Computing, Professor Hannu Koivisto and researcher & information security specialist Jari Seppälä of the Department of Automation Science and Engineering, and Professor Sami Repo of the Department of Electrical Engineering.

 

Text: Leena Koskenlaakso
Photos: Mika Kanerva

 
Tell a friend
Factory in a box
Factory in a box
1/2014
Factory in a box
Smart interfaces reduce human error
Smart interfaces reduce human error
1/2014
Smart interfaces reduce human error
5G networks would enrich our lives in ways never seen before
5G networks would enrich our lives in ways never seen before
1/2014
5G networks would enrich our lives in ways never seen before
Facial expressions control and reveal
Facial expressions control and reveal
1/2014
Facial expressions control and reveal
Exploring the ultimate visual experience
Exploring the ultimate visual experience
1/2014
Exploring the ultimate visual experience
Future cinema will provide better told, more touchy-feely stories with taste and smell
Future cinema will provide better told, more touchy-feely stories with taste and smell
1/2014
Future cinema will provide better told, more touchy-feely stories with taste and smell
Waste-eating bacteria produce hydrogen
Waste-eating bacteria produce hydrogen
1/2014
Waste-eating bacteria produce hydrogen
Sunlight turns seawater into fuel
Sunlight turns seawater into fuel
1/2014
Sunlight turns seawater into fuel
Bioenergy and biofuels have staying power
Bioenergy and biofuels have staying power
1/2014
Bioenergy and biofuels have staying power
Stem cells spark new avenues for heart research
Stem cells spark new avenues for heart research
1/2014
Stem cells spark new avenues for heart research
Wireless identification and sensing systems improve quality of life
Wireless identification and sensing systems improve quality of life
1/2014
Wireless identification and sensing systems improve quality of life
Beautiful Beijing benefits all mankind
Beautiful Beijing benefits all mankind
1/2014
Beautiful Beijing benefits all mankind
Bringing electrical engineering practices to the next level
Bringing electrical engineering practices to the next level
1/2014
Bringing electrical engineering practices to the next level
Research is the key to the future
Research is the key to the future
1/2014
Research is the key to the future

Tampere University of Technology is at the leading edge of technology development and a sought-after collaboration partner among the scientific and business communities. The University produces competent graduates who enter careers in the different sectors of society.

Visiting address
Korkeakoulunkatu 10,
FI-33720 Tampere
Finland

Mailing address
PO Box 527, FI-33101 Tampere
Finland

Switchboard:
+358 3 311 511