Shawn Sharp can't resist a phishing email. He's one of those guys always uploading viruses onto his computer.
But the UAB senior is not reckless or stupid. He’s not trying to destroy his own machine or anyone else’s. He’s learning the ways of the enemy—hustlers and hoodlums exploiting the digital domain to wreak havoc; commit fraud and espionage; and profit from ignorance, loopholes, and technological dishonesty.
“I’ll find malware samples and reverse engineer them, see what they do, and figure out what they’re trying to attack,” Sharp says. Beforehand, he set up a virtual environment—installing a virtual copy of Windows, which is frequently targeted by hackers and malicious codes, onto his Mac. “The Windows environment I’ve got is completely closed off so that anything that happens in there can’t affect my actual computer.”
Sharp was among the first undergraduates to major in digital forensics, a new UAB curriculum combining computer science and criminal justice that prepares students for the rapidly changing nature of cybersecurity. Though the College of Arts and Sciences has offered a graduate degree in the field for years, the bachelor’s program forges a new path for aspiring crimefighters. And they are in demand. Protecting the Internet, now an indispensable medium for global business and communication, and its users has become a top priority. Technological trickery such as fraudulent tech support calls, ransomware, and interception of wire transfer payments resulted in $1.3 billion in losses in 2016 alone, according to the FBI’s Internet Crime Complaint Center. The largest portion of this loss came from senior citizens.
Digital detectives at work
Sharp, from Irondale, Alabama, grew up in a family with extensive law-enforcement roots, and has had a lifelong interest in computers. He switched majors from computer science to digital forensics as soon as the program began accepting undergraduates. “It seemed a natural fit,” he says.
Students gain the programming skills and legal knowledge to extract and analyze information from digital devices—evidence that could be crucial in court. In addition, “our internships and work in the lab and in the field are unique,” says Jeffery Walker, Ph.D., chair of the Department of Criminal Justice. “We do cyber counterespionage day in and day out.”
In the UAB Center for Cyber Security, students work on problems sent to UAB by major technology firms. One area, designated the “Facebook suite," was built by the social media company, Walker says. “When Facebook had their first virus, they didn’t know it. We found it and helped them track the people doing it.”
The center's faculty includes Gary Warner, director of research in computer forensics and a nationally known cybersleuth who has worked extensively with the FBI and Department of Homeland Security. Warner, who teaches nearly all the upper-level courses for digital forensics undergraduates, has been awarded Microsoft’s Most Valuable Professional award six times.
In the center's lab, the students' work covers two categories: They conduct vulnerability assessments—consulting with corporations, banks, and other businesses to help prevent attacks on their virtual infrastructure—and they partner with law enforcement agencies to catch wrongdoers. Several years ago, Warner and his students busted a $70-million Ukrainian money-laundering ring. “We also helped take down the big spambot network Kelihos,” an infectious malware network responsible for hundreds of thousands of fraudulent messages and emails plus ransomware attacks on banks, Warner says. “FBI prosecutors came down from Connecticut, and our lab worked closely with them.” Thanks to their efforts, the alleged perpetrator, Russian hacker Pyotr Levashov, was arrested and extradited to the United States in 2017.
Secure futures
Matthew Beck, a senior digital forensics major from Mobile, is eager to work in the lab. After three years of active duty with the Marines in Japan, Beck came to UAB because of its reputation in cybersecurity. He says he enjoys the puzzle-solving aspect of protecting data. “We try to find vulnerabilities for corporations,” he says. “We’re basically being paid to hack, but it’s ethical.” Then he puts the pieces together and reports his conclusions. Beck says he has learned a lot from Warner, who “is one of the forerunners of combining due process and protocol. He shows us how to properly gather evidence and then protect that evidence, hermetically seal it.”
Both Beck and Sharp have bright prospects for careers in law enforcement or information security. “There are over 200,000 job openings in computer forensics and no one to fill them,” Warner notes.
Beck adds, “the unemployment rate in cybersecurity is 0 percent. If you have qualifications, then you are pretty much guaranteed a position.”
In fact, many students work under contract with organizations such as Wells Fargo and Facebook before they graduate, Warner says. “We’ve had students who interned at Facebook. Others worked for the FBI for the summer, while others helped me on various investigations.”
Walker shares everyone’s optimism about job prospects for digital forensics majors and UAB’s contribution to the fight against cybercrime. The undergraduate program is just getting started, he says. “Our biggest focus for growth is recruiting top students,” and working with donors to create scholarships to attract them, he explains. “We want to give them the best start on their careers that we can.”
Early warning: Warner’s blog, CyberCrime and Doing Time, sounds the alarm about new online threats. He also clearly and concisely reveals how the malware works, highlighting discoveries made by UAB students, and suggests tips for protecting your computer.