MIT CYBERSECURITY CLINIC
The new MIT Cybersecurity Clinic (11.274 and 11.074) will be offered in both the fall and spring semester at MIT.
The Cybersecurity Clinic will consist of four-modules : Cybersecurity for Critical Urban Infrastructure: Understanding the Problem; How the MIT Cybersecurity Clinic Makes Initial Contact with potential Client Agencies; Onsite Assessment of Cybersecurity Vulnerability by MIT Clinic Staff; and Prepare and Submit a Final Cybersecurity Vulnerability Assessment to a Client Agency. MIT students who want to take on field assignments with the Cybersecurity Clinic (for academic credit) must pass the certification examination offered at the end of the fourth module.
Students who have achieved certification, will work in teams supervised by advanced doctoral and post-doctoral students during the last nine weeks of the spring semester to collaborate with an assigned client agency to prepare a Cyberattack Vulnerability Assessment for a client agency.
Learn more about the Cybersecurity Clinic and how to partner with us here.
WHO WE ARE
We are a team of MIT faculty, students, and researchers helping public agencies defend against cyberattacks through an approach called Defensive Social Engineering (DSE), led by Dr. Jungwoo Chun and Prof. Larry Susskind. Cyber defenders can usually defeat or protect themselves from attacks using DSE and other technical tools. The MIT Cybersecurity Clinic works with municipal or hospital IT staff and cybersecurity specialists in public agencies—especially those managing critical urban infrastructure—to quickly assess their vulnerabilities to attack.
RESOURCES
Click here for a list of publications and resources
ABOUT THIS BLOG
click above to read more about this blog and watch the short animation below
-
Ransomware Attack on Minnesota Capital City
-
Governments Push for Windows 11 Migration as Windows 10 End Nears in October
-
CIRCIA Proposed Regulations Uncertain Ahead of October Final Rule Publication
-
USA Today: Cyberattacks on Critical Infrastructure Are Increasingly Common
-
CISA Proposed Cybersecurity Incident Reporting Requirements for Critical Infrastructure Companies Opened for Comment
-
Boston Globe: How to Thwart Hackers (Local Cybersecurity)
-
Quick guide to the 6 ways we can regulate AI (MIT Tech Review)
-
World agencies issue cybersecurity guidance for smart cities
-
The Electronic Frontier Foundation Opinion Piece on the U.N. Cybercrime Treaty
-
Cyberattacks on local governments 2020: findings from a key informant survey
-
Michigan State University Refuses to Pay Ransom
Samuel Zwickel writes for the Detroit Free Press about Michigan State University's refusal to give into a hacker threatening to publish students’ personal records and university financial documents if the university fails to pay an…
-
Industrial Control Systems
Industrial Control Systems (ICS) are used to manage the internal operations of facilities by allowing communication with physical devices. They are used in automated plants, factories, and many other types of facilities. Places using…
-
It’s time to cyber-protect Industrial Control Systems
Image by David Mark from Pixabay Again, another phishing email. This time the attackers went after a natural gas operator in the US. The attack was aimed at the Industrial Control System (ICS), affecting "crucial real-time…
-
ICT4Peace Now Focusing on Cybersecurity
ICT4Peace ICT4Peace is an organization founded in 2003 in collaboration with the Swiss Government that that focuses on how Information and Communication Technology (ICT) can “save lives and protect human dignity.” Their role is to…
-
Personal data at risk when cities are attacked
Image source: Blogtrepreneur Besides ransomware cyberattacks, others seek to steal personal data, such as social security numbers, credit card information, and home addresses via attacks on municipal governments. When successful attacks allow hackers to seize…
-
Next Target of Cyberattack: electric grids?
Image by H. Hach from Pixabay On March 5th, 2019 "a Utah renewable energy developer [sPower] was hit by a first-of-its-kind cyberattack". This attack briefly disconnected wind and solar farms from the company's control center.…
-
FBI’s new announcement about ransomware and when to pay ransoms
Image credit: Pixabay The FBI has released a new announcement about ransomware attacks. This new document shows a change in the FBI stance regarding the payment of ransoms. The FBI does not advocate for ransom…
-
Smart cities need to spend more on cyber-security
Plans for Sidewalk Labs Quayside Development in Toronto | Sidewalk Labs As smart cities grow and become more interconnected, their decision to underfund cyber-security may make it harder for them to achieve their development goals.…
-
20 Texas Cities Hit by Coordinated Ransomware Attack, State’s IT Department Says
A laptop displays a message after being infected by a ransomware as part of a worldwide cyberattack on June 27, 2017 in Geldrop. | Newsweek Twenty local government entities across Texas have been hit by…
-
Will paying ransomware demands yield less expensive and faster results for Florida city?
A cyber attack crippled the computers of Riviera Beach, forcing operations into a pre-Internet age | Palm Beach Post, Melanie Bell Patricia Mazzei’s June 19th, 2019 New York Times article, 'Hit by Ransomware Attack, Florida…