Active defense is being used widely in cybersecurity circles to refer to techniques that aim to empower systems and operators by not only being reactive but also designing for and taking measures to anticipate attacker actions. Though it is often portrayed as “hacking back,” many active defense techniques focus on resilience as a central design methodology.
One of our summer interns, Josh Lyle, was recently featured on the Life at Argonne page. Josh worked on a handful of projects for us last summer, including our work in progress Mobile Encryption Gateway. Though he’s not actively working with us any more, we look forward to seeing what comes from Josh in the future! Josh is a student at Mississippi State University where he studies computer science.
In late November, just in time for the holiday shopping season, toymaker VTech was the victim of a massive SQL injection attack. Members of Congress are now asking for more information about the Hong Kong company’s collection of data on kids after a hacker swiped info from 5 million parent accounts and nearly 6.4 million child profiles. The data stolen seems to include a wide variety of information, including pictures of children from individual devices. All of this lost to one of the software world’s oldest vulnerabilities — SQL injection.