talk: Cybersecurity during COVID-19 and other emergencies, 12-1 Tue May 5

talk: Cybersecurity during COVID-19 and other emergencies, 12-1 Tue May 5

The UMBC Center for Cybersecurity (UCYBR) Presents

Cybersecurity during COVID-19 and other emergencies

Dr. Richard Forno
Senior Lecturer, Computer Science & Electrical Engineering
Director, UMBC Graduate Cybersecurity Program & Assistant Director, UMBC Center for Cybersecurity

12–1 pm Tuesday, 5 May 2020
online via webex

‘Cyber’ touches many, if not all, parts of society and organizations. However, even in 2020, cybersecurity often still is seen as exclusively a function of IT and not a function of enterprise mission assurance or operational resiliency. Accordingly, operational performance can be compromised by a failure to consider, if not embrace, cybersecurity principles and concerns during crisis planning – which can significantly impede effective crisis response and incident management during actual events and make a bad situation even worse. This talk will discuss the role of cybersecurity and cybersecurity thinking within crisis management and incident handling, with a particular emphasis on maintaining operational resiliency and mission assurance during the ongoing COVID-19 pandemic.

Dr. Richard Forno is a Senior Lecturer in the UMBC Department of Computer Science and Electrical Engineering, where he directs the UMBC Graduate Cybersecurity Program and serves as the Assistant Director of UMBC’s Center for Cybersecurity. Prior to joining UMBC in 2010, his twenty-year career in operational cybersecurity spanned the government, military, and private sector, including helping build a formal cybersecurity program for the US House of Representatives, serving as the first Chief Security Officer for Network Solutions (then, the global center of the internet DNS system), consulting to Fortune 100 companies, and more. From 2005-12 he was a Visiting Scientist at the Software Engineering Institute at Carnegie Mellon University, where he taught courses on incident handling for the CERT Coordination Center (CERT/CC).

UMBC Cyber Dawgs rank #1 among university teams at annual Capture the Flag event


UMBC Cyber Dawgs #1 among university
teams at annual Capture the Flag event


The UMBC Cyber Dawgs ranked #1 among university teams in a challenging cybersecurity competition hosted virtually by the University of Maryland, College Park on April 18. 

The Capture the Flag event was designed to test teams’ abilities to solve a variety of realistic cybersecurity problems. UMBC went head to head with more than 300 teams from both colleges and industry, placing third overall and #1 among the universities.

Charles Nicholas, professor of computer science and electrical engineering and a Cyber Dawgs faculty advisor, says that the team’s win shows how well-prepared UMBC students are for careers in cybersecurity, and how committed they are to excelling in intercollegiate competition. “It speaks volumes about our students, their enthusiasm, and their character,” he says.

Reflecting on the Cyber Dawgs’ #3 overall finish, Nicholas shares, “The teams that beat us are made up of experienced cyber professionals, who do this sort of work for a living.” To end the competition as the leading university team and trailing just two professional teams was quite a feat, he notes, saying, “Our faculty and our university are very proud of these students.”

The Cyber Dawgs recently won the Mid-Atlantic Collegiate Cyber Defense Competition. They are preparing for the National Collegiate Cyber Defense Competition, which will be held virtually in May.

Adapted from a UMBC News article written by Megan Hanks. Banner image: A person typing on a computer. Photo by Marlayna Demond ’11 for UMBC.

UMBC 16th Digital Entertainment Conference, 11-5 Sat. 4/18 online

UMBC’s 16th Digital Entertainment Conference, online 11-5 Sat. 4/18


16th UMBC Digital Entertainment Conference


11:00am-5:00pm, Saturday, April 18, 2020

Online on YouTube

The Digital Entertainment Conference (DEC) is an annual event run by the students of the UMBC Game Developer’s Club that brings professional game developers from the area to UMBC to talk about their experience in the game industry. DEC’20 will be held online 11-5 on Saturday, April 18 on the UMBC Game Developers Club YouTube Channel. Attend online to see and interact with professions from the local game industry.

This year’s speakers include four professionals from Zenimax, a video game publisher headquartered in Maryland: Bobby Foster (Figure Artist), Eric Bakutis (Content Designer), Ryan Griffin (Artist), and Katie Hirsch (Programmer).

DEC’20 is free to attend and open to UMBC students, high school students, UMBC alumni and anyone interested in game development. It is sponsored by the UMBC Game Developers club and funded by the COEIT Dean’s Office’s Collaborative Student Funding Program.

UMBC Cyber Dawgs win Mid-Atlantic Collegiate Cyber Defense Competition


UMBC Cyber Dawgs win Mid-Atlantic Collegiate Cyber Defense Competition


Last weekend, the UMBC Cyber Dawgs took first place in the Mid-Atlantic Collegiate Cyber Defense Competition (MACCDC), which was held virtually. UMBC’s team was one of eight that participated in the competition, fighting to protect their networks efficiently and effectively from simulated cyber threats and attacks. The team topped Penn State; the University of Maryland, College Park; and University of Virginia, which won the national championship for the past two years.

UMBC’s Cyber Dawgs will move on to compete in the National Collegiate Cyber Defense Competition (NCCDC). Due to COVID-19, the competition will be held remotely this year.

How does the competition work?

These regional and national competitions attract leading collegiate cybersecurity teams from across the nation. They put teams in situations that mimic scenarios they might encounter working to secure and protect online systems for government agencies and companies. Throughout each challenge, teammates work together to protect their systems from hackers and cyber attacks. At the same time, they keep their networks accessible to the users relying on them. 

Meet the team

The MACCDC was about 14 hours long, and was held over two days. During the competition, the teams were not permitted to interact with their coaches Charles Nicholas, professor of computer science and electrical engineering (CSEE), and Rick Forno, senior lecturer in CSEE.

The winning UMBC team included Anna Staats ‘20, computer science; RJ Joyce ‘18, M.S. ‘20, computer science; Cyrus Bonyadi, Ph.D. ‘23, computer science; Drew Barrett ‘20, computer science; Seamus Burke ‘20, computer science; Henry Budris ‘22, computer science; Chris Skane ‘21, computer science; and Nikola Bura ‘21, computer science. 

“We are so proud of our team, and their ability to work together as a team under such extraordinary conditions,” says Nicholas.

This is the third time in six years that the Cyber Dawgs have won the MACCDC. The UMBC team won the national championship in 2017.

Adapted from a UMBC News article by Megan Hanks. Banner image: Student using a computer. Photo by Marlayna Demond ’11 for UMBC.

Talk: Lance Hoffman (GWU) Cyber Policy Challenges, 12-1pm 4/24 online

The UMBC Cyber Defense Lab presents

Cyber Policy Challenges

Lance J. Hoffman
Distinguished Professor, George Washington University

12–1:00 pm, Friday, 24 April 2020

remotely via WebEx

System attackers and defenders operate on a constantly changing battlefield, and some of the more serious conflicts involving nation-states could be considered acts of war, though we are still in the early stages of defining war in cyberspace. Policies for security and privacy can vary wildly, and have important personal, national, and global consequences for privacy, free speech, censorship, and other issues. Things get even more complicated with the advent of the Internet of Things, where (mostly unsophisticated) users may think they have more control than they actually do and can make bad mistakes. Various ethical issues related to the development of these systems, including bias in artificial intelligence and what harm to choose when harm is unavoidable have only started to be examined. This talk will provide both historical context and some discussion of topical issues such as Zoombombing and the security of electronic voting systems as compared to mail ballots and traditional voting.

Professor Lance J. Hoffman is the author or editor of numerous articles and five books on computer security and privacy. He developed the first regularly offered course on computer security at the University of California, Berkeley in 1970. A Fellow of the Association for Computing Machinery and a member of the Cyber Security Hall of Fame, Dr. Hoffman institutionalized the ACM Conference on Computers, Freedom, and Privacy. He has served on a number of Advisory Committees including those of Federal Trade Commission and the Department of Homeland Security and has testified before Congress on security and privacy-related issues. He is the principal investigator of the CyberCorps program at GWU. Dr. Hoffman earned his Ph. D. in Computer Science from Stanford University, after a B.S. in Mathematics from Carnegie Mellon University.

Host: Alan T. Sherman, Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays. All meetings are open to the public. Upcoming CDL meetings: May 8, Jason Wells (UMBC SFS scholar) law enforcement; May 22, Spring SFS Meeting at UMBC, 9:30am-2pm, ITE456

online talk: Opal Hard Drives for Ransomware Resilience

The UMBC Cyber Defense Lab presents

Opal Hard Drives for Ransomware Resilience

Russ Fink, Ph.D.
Senior Staff, the Johns Hopkins University / Applied Physics Laboratory

12:00–1 pm,  Friday, 10 April 2020
via WebEx:


Ransomware is crippling industry and government alike.  Paying the ransom doesn’t guarantee you’ll get your files back, but it funds the criminals who will continue on. Restoring from traditional network backups takes time, and never gets you back to the system you had before the attack.  In response, we have developed a resilient, local malware restore and recovery capability, capable of quickly restoring OS images onto “bare metal” after an attack or misconfiguration, useful for many applications.

I will discuss the technical details, including a description of the Opal hard drive specification, the Trusted Computing Group’s Trusted Platform Module (TPM), and how we secure secrets needed for WUBU – Wake-Up-Back-Up.  I’ll talk through some of the open-source technologies that we used to build our solution.  WebEx willing, I will give a live demonstration of a ShinoLocker ransomware infection, followed by an “as if nothing ever happened” recovery that takes only ten minutes.

Russ Fink is a senior staff member at the Johns Hopkins University / Applied Physics Laboratory.  His research interests include computational private information retrieval, trusted computing applications, applied cryptography, and enterprise and mission cyber resiliency techniques.  He earned a Ph.D. in computer science from UMBC in 2010 working with Dr. Alan Sherman.  email: 

Host: Alan T. Sherman, . Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681.  The UMBC Cyber Defense Lab meets biweekly Fridays.  All meetings are open to the public.  Upcoming CDL Meetings:

  • Apr 24, Lance Hoffman (GWU), policy
  • May 8, Jason Wells (UMBC SFS scholar), law enforcement
  • May 22, Spring SFS Meeting at UMBC, 9:30am-2pm, ITE 456

CSEE Prof. LaBerge receives USM Board of Regents’ Faculty Award for Excellence in Teaching


CSEE Prof. LaBerge receives USM Board of Regents’
Faculty Award for Excellence in Teaching


E. F. Charles LaBerge, Professor of the Practice in the Computer Science and Electrical Engineering department, has been awarded the 2020 University System of Maryland Board of Regents’ Faculty Award for Excellence in Teaching.

Since joining UMBC in 2008, E.F. Charles LaBerge’s career has been marked by outstanding classroom instruction, innovative teaching methods, and development of active learning spaces on campus. He brings a wealth of industry experience and knowledge to UMBC students enrolled in the range of courses that he teaches. As a professor of the practice in computer science and electrical engineering, LaBerge exposes his students to computer and electrical engineering concepts through real-world examples and multidisciplinary instruction. His extensive connections in industry have benefited his students and helped to prepare them for careers and graduate degrees.

As an instructor for the introduction to engineering course taken by all engineering students, he has impacted the educational careers of students across the College of Engineering and Information Technology (COEIT). He consistently receives high ranks and positive comments from students on course evaluations. Both his students and colleagues acknowledge and appreciate LaBerge’s modern approach to classroom instruction, which incorporates technology and new practices.

LaBerge was instrumental in the development of UMBC’s Active Learning Center, a space that supports collaborative learning to promote student success and retention in computing courses. He is a strong supporter of students across campus, opening his office to students, from those who have questions about classes to those seeking professional advice and mentorship. His teaching extends beyond the classroom, and he supports and mentors students presenting at UMBC’s annual Undergraduate Research and Creative Achievements Day each spring.

He is a very engaged member of COEIT, having served as the undergraduate program director for computer engineering and as the coordinator for computer engineering’s accreditation program, among other roles. His commitment to the College was recognized with the inaugural College of Engineering and Information Technology Award for Teaching Excellence in 2018. This award was presented to him based on feedback from fellow faculty and colleagues.

LaBerge earned his B.S. and M.S. in electrical engineering from Johns Hopkins University, and his Ph.D. in electrical engineering from UMBC.

Adapted from the UMBC faculty awards announcement.

Prof. Naghmeh Karimi receives NSF CAREER award for research on the security of cryptographic chips

Professor Karimi and a custom measurement board developed by her collaborators at the University of Buchum, Germany that is being used to test a 65 nm application-specific integrated circuit sample


Investigating the Impact of Device Aging on the Security of Cryptographic Chips


Professor Naghmeh Karimi received a prestigious NSF CAREER award to support her research on Investigating the impact of device aging on the security of cryptographic chips.

CAREER awards are among NFS’s most prestigious awards and are intended to support early-career faculty who have the potential to serve as academic role models in research and education and to lead advances in the mission of their department or organization.

Cryptographic chips implement cryptographic functions in hardware for better performance. Despite the significant performance benefits, cryptographic chips can be compromised by the adversaries via monitoring their power-consumption, tampering their logic or placing the chips under stress to generate erroneous outputs to infer sensitive data. The current protections against such attacks do not consider the aging of the devices that can cause a parametric shift of device parameters over time which can compromise device security.

Supported by this five-year award, Professor Karimi and her students will investigate the effects of device aging on the security of cryptographic devices, particularly those with protection against physical attacks, and develop solutions to ensure security when device aging comes into account. Her work will help enable the development of long-lasting security for trusted hardware platforms, and result in aging-resistant security solutions that benefit the society via devices that remain secure over their lifetime.

UMBC Cyber Dawgs win 15th Mid-Atlantic Collegiate Cyber Defense Competition


UMBC Cyber Dawgs place first in
15th Mid-Atlantic Collegiate Cyber Defense Competition


Congratulations to the UMBC Cyber Dawgs for winning the 15th Mid-Atlantic Collegiate Cyber Defense Competition (MACCDC) which was held this Friday and Saturday. UMBC placed first in a field of teams from eight Universities who made the regional finals out of an initial set of 27 qualifying teams. By winning the regional competition, UMBC will represent the Mid-Atlantic states in the National Collegiate Cyber Defense Competition to be held on May 22-24, 2020.

The MACCDC has been held annually since 2006. Each year, it develops a new realistic challenge using the latest technologies currently in use. This year’s scenario involves student teams working for a fictitious Artificially Intelligent Institute (AII), a multinational corporation with offices in the Mid-Atlantic region. It was described as follows.

“As a leading provider of advanced AI surveillance tools to intelligence and law enforcement agencies, as well as private-sector organizations, the main business driver of AII is to show how new surveillance capabilities are transforming government’s and organization’s monitoring capabilities. As part of their duties, Blue Teams are expected to defend their systems against aggressors. Early intelligence reports suggest that rouge Hackistanian antagonist are interested in stealing AII’s intellectual property, source code, and customer database. Hackers contracted and working directly for the country of Hackistan are also interested in disrupting IoT devices on-premises at the various AII regional offices.”

The MACCDC team was chosen from members of the CyberDawgs student group, composed of students from a variety of majors who share a common interest in computer and network security. No prior experience is required to join and any UMBC students who want to learn more about cybersecurity and learn new skills in the field are encouraged to subscribe to its mailing list and attend meetings.

The CyberDawgs group is advised by CSEE faculty Charles Nicholas and Richard Forno.

Online Talks Double Feature: Blockchain and Network Defense, 12-2 Fri 3/27, UMBC

UMBC will hold a double feature with two online security-oriented talks from 12:00 pm to 2:00 pm EDT on Friday, March 27. Both talks will be shared via Webex.

From 1:00-2:00 pm, Professor Dr. John Mitchell of Stanford University will give a Lockheed Martin Distinguished lecture on “Will Blockchain Change Everything“. Join the presentation online at 1:00 pm EDT at

Far from serving only as a foundation for cryptocurrency, blockchain technology provides a general framework for trusted distributed ledgers. Over the past few years, their popularity has grown tremendously, as shown by the number of companies and efforts associated with the Linux Foundation’s Hyperledger project, for example. From a technical standpoint, a blockchain combines a storage layer, networking protocols, a consensus layer, and a programmable transaction layer, leveraging cryptographic operations. The distributed state machine paradigm provides atomicity and transaction rollback, while consensus supports distributed availability as well as certain forms of fair access. From an applications perspective, blockchains appeal to distributed networks of independent agents, as arise in supply chain, credentialing, and decentralized financial services. The talk will look at the potential for radical change as well as specific technical challenges associated with verifiable consensus protocols and trustworthy smart contracts.

From 12:00-1:00 pm EDT Col. Dan Yaroslaski, a former operations officer at the Marine Forces Cyberspace Command will talk on “Hard-Learned Lesson in Defense of a Network“. You can join the presentation online at 12:00 pm at

Often network defenders fail to take into account organizational culture when attempting to provide a secure, reliable, and usable enterprise network. Users and process leaders often fall victim to the false allure of the value of networked systems, without asking the question, “Should this be networked?” Collectively, organizations also forget that networks are a combination of the humans who use the network, the personas we all have to form to gain access to this manmade domain, and the interplay of logical and physical network architecture manifested in geographical locations. The value of some simple military principles—including defense-in-depth, mission focus, redundancy, and resiliency versus efficiency—can help a network defender better advise everyone from the “C Suite” decision-makers to the average network user, on how to have a secure network while accepting reasonable limitations.

1 2 3 4 5 137