Cyber
the next frontier

Over 3.5 million cyber positions will need to be filled by 2021. Our graduates will become part of a critical layer of defense for our nation and its citizens.

Learn More

The National Security Agency designated the University of Arizona’s Cyber Operations program as a Center of Academic Excellence in Cyber Operations (CAE-CO). With this designation, UA joins an extremely exclusive group of only 20 Cyber programs in the nation. The NSA’s CAE-CO designation demonstrates that UA’s Cyber program meets the most demanding academic and technical requirements.
NSA and Excellence Seals

The Bachelor of Applied Science with an emphasis in Cyber Operations prepares graduates for cyber-related occupations in defense, law enforcement, and private industry.

The curriculum includes both offensive and defensive cyber security content delivered within our state-of-the-art Cyber Virtual Learning Environment to ensure our students have extensive hands-on experiences to develop the knowledge, skills, and abilities necessary to succeed after they graduate. The Cyber Operations program offers two degree tracks, both in-person and fully online:

Cyber
Engineering

The Engineering Track is a deeply technical, interdisciplinary, security focused Computer Science program.

Learn More

Defense
& Forensics

The Defense & Forensics Track is an interdisciplinary Cyber education program.

Learn More

Cyber Law
& Policy

The Law & Policy track lays a strong technical foundation, integrated with legal and policy knowledge.

Learn More

Undergraduate
Certificates

 

 

Program News

Southern Arizona Intelligence Summit

Join us for the 2021 Intelligence Summit, where key intelligence community leaders will speak about the latest in intelligence policy, cyber security, and more. Free for students!

DoD Cyber Scholarship Program (CySP)

The DoD CySP is a yearly scholarship program aimed at Juniors and Seniors pursuing a bachelor’s degree in cyber-related academic disciplines. The CySP is a 1-year scholarship, which grants selected Cyber Scholars tuition and mandatory fees (including health care), funding for books, a $25K annual stipend, and guaranteed employment with a DoD agency upon graduation.

Cyber News

Friday, October 22, 2021 - 13:03
Facebook files suit against Ukrainian man who allegedly scraped data about 178...

Facebook filed a lawsuit against a Ukrainian man in a federal court Friday for allegedly using third-party services to gather information about 178 million users, then selling that information.

Defendant Alexander Solonchenko is accused of using automated tools in 2018 and 2019 to retrieve information about users by looking up their phone numbers through Facebook’s Messenger Contact Importer.  Solonchenko in 2020 started advertising the Facebook data for sale on RaidForum, a marketplace for data leaks where he had sold data from other private companies, the lawsuit says. He sold the data in 2021.

The social media giant argues that Alexander Solonchenko violated Facebook’s terms of service by “using automated means…or attempt[ing] to access data you don’t have permission to access.” The company now is seeking an injunction preventing Solonchenko from accessing Facebook and its products as well as an injunction that would stop Solonchenko from selling or distributing any data obtained from Facebook. The lawsuit also seeks unspecified damages.

This isn’t the first time Facebook has brought legal action against users who collected public data from its website. Facebook in 2020 sued two companies that collected information from its services, as well as other major social media companies for marketing intelligence services. In August Facebook shut down researchers studying misinformation on its platform on the grounds that they had violated the companies policy on automated collection of user data, or “data scraping.”

Other tech companies have also fought against the practice in court. LinkedIn sued the corporate intelligence firm hiQ Labs in 2019 for scraping data from its website. The Ninth Circuit Court ruled in September 2019 that the automated scraping of public data likely did not violate federal hacking laws. However, LinkedIn appealed the case to the Supreme Court, which in June sent the case back to the Ninth Circuit for review. The court heard oral arguments for the case Monday.

It’s not immediately clear if the latest Facebook lawsuit is related to a similar instance in which an individual used a bot to exploit a bug in Facebook’s contact lookup system and scrape user information to create a database that was reported as up for sale on the dark web in April.

Facebook said it in 2019 fixed the vulnerability in its contact system and took other measures to prevent future scraping.

Seamus Hughes, the deputy director of the Program on Extremism at George Washington University and a specialist on court filings, first noticed the latest suit.

The complaint is available in full below.

The post Facebook files suit against Ukrainian man who allegedly scraped data about 178 million users appeared first on CyberScoop.

Friday, October 22, 2021 - 12:59
FIN7 Lures Unwitting Security Pros to Carry Out Ransomware Attacks
The infamous Carbanak operator is moving is looking to juice its ransomware game by recruiting IT staff to its fake Bastion Secure 'pen-testing' company.
Friday, October 22, 2021 - 10:32
US warns that Chinese government is using 'wide variety' of methods,...

The Chinese government’s aggressive push to dominate emerging technology such as artificial intelligence, quantum computing, and biotechnology make Beijing the “primary strategic competitor” to the U.S., the National Counterintelligence and Security Center said in a notice published Friday.

The threat from the Chinese government with respect to these technologies is particularly threatening to U.S. national security because of its “well-resourced and comprehensive strategy,” which employs “a wide variety of legal, quasi-legal, and illegal methods” in pursuit of both technology transfers and intelligence gathering, the notice warned.

This information transfer takes place in the shadows—through traditional intelligence activities, intellectual property theft, co-opted insiders, front companies—but also through less overtly nefarious activity such as science and technology investments, academic collaboration, mergers and acquisitions, and legal and regulatory actions, according to the NCSC.

The notice urged companies take steps to protect their “crown jewels,” with such measures as scrutinizing suppliers, partners, and investors, strengthening insider threat programs, and strengthening cyber security and hygiene. It urged individuals in these areas to beware of phishing attempts, and to better understand talent-recruitment objectives and methods.

Tension between the U.S. and China related to technology competition is not new. Huawei, a global telecommunication equipment company based in Shenzhen, was put on a U.S. trading blacklist in 2019 over national security concerns. Strains between the two countries have continued to tighten, with cybersecurity specialists warning that Beijing-aligned hackers have sought to breach American companies to steal a wide range of U.S. trade secrets.

The NCSC is “prioritizing its industry outreach efforts,” the notice said, to raise awareness of particular nation-state threats from the Chinese and Russian governments.

Along with A.I., quantum computing, and biotechnology, the notice also flagged threats associated with autonomous systems and semiconductors. While continued international collaboration and trade in these areas has some benefits, the notice warned, each has its own particular threats.

With respect to artificial intelligence for instance, the Chinese government “possesses the might, talent, and ambition to potentially surpass the U.S. as the world’s leader in the next decade if current trends do not change,” the notice warns. “A.I. is also deepening the threats posed by cyberattacks and disinformation campaigns that Russia, the PRC, and others are using to infiltrate our society, steal our data, and interfere in our democracy.”

Quantum computing also poses particular dangers with respect to the ability to decrypt most commonly used cybersecurity protocols, risking economic and national security communications, the notice states.

“Whoever wins the race for quantum computing supremacy could potentially compromise the communications of others,” it read. Competitor nations are “recruiting America’s human talent to advance their quantum programs,” and some “foreign nations spend substantially more than the United States on their quantum initiatives, putting them better positioned to recruit individuals.”

Quantum industry representatives urged more Congressional funding for the chips needed for quantum computing at a recent White House summit, arguing that “the availability isn’t there right now,” FedScoop reported Oct. 5. Friday’s notice warned that the U.S. is “heavily dependent on a single company in Taiwan for producing its leading-edge chips, and has significant dependence on China for mature node logic chips.” Disruptions to that supply chain risk both economic and security issues, it said.

The post US warns that Chinese government is using 'wide variety' of methods, some illegal, to steal trade secrets appeared first on CyberScoop.

Friday, October 22, 2021 - 10:01
REvil Servers Shoved Offline by Governments – But They’ll Be Back, Researchers...
A multi-country effort has given ransomware gang REvil a taste of its own medicine by pwning its backups and pushing its leak site and Tor payment site offline.
Friday, October 22, 2021 - 07:48
Cisco SD-WAN Security Bug Allows Root Code Execution
The high-severity bug, tracked as CVE-2021-1529, is an OS command-injection flaw.