SOCIAL CYBERDEFENSE OF
URBAN CRITICAL INFRASTRUCTURE

A blog discussing how to leverage social engineering to defend against technical cyberattacks

MIT CYBERSECURITY CLINIC

The new MIT Cybersecurity Clinic (11.274 and 11.074) will be offered in both the fall and spring semester at MIT. 

The Cybersecurity Clinic will consist of four-modules : Cybersecurity for Critical Urban Infrastructure: Understanding the Problem; How the MIT Cybersecurity Clinic Makes Initial Contact with potential Client Agencies; Onsite Assessment of Cybersecurity Vulnerability by MIT Clinic Staff; and Prepare and Submit a Final Cybersecurity Vulnerability Assessment to a Client Agency. MIT students who want to take on field assignments with the Cybersecurity Clinic (for academic credit) must pass the certification examination offered at the end of the fourth module. 

Students who have achieved certification, will work in teams supervised by advanced doctoral and post-doctoral students during the last nine weeks of the spring semester to collaborate with an assigned client agency to prepare a Cyberattack Vulnerability Assessment for a client agency.  

WHO WE ARE

We are developing a new class of non-technical strategies against cyberattacks called Defensive Social Engineering.  Cyber defenders can use Defensive Social Engineering along with technical tools to defeat or compromise attackers. One technique in the Defensive Social Engineering toolbox is Cyber Negotiation. This research is supported by MIT’s Internet Policy Research Initiative (IPRI).  

RESOURCES

Click here for a list of publications and resources

ABOUT THIS BLOG

click above to read more about this blog and watch the short animation below

more

Foreign Adversaries Hack Federal Court System for Second Time

December 1, 2025

The U.S. federal court system’s filing system was attacked this summer for the second time since a 2020 incident under the first Trump administration. The Administrative Office of the U.S. Courts, which manages the filing system, detected the attack around July 4th.[1] The attack forced some federal district courts to revert to paper filings as “the best way to secure sensitive case documents.”[2] The attack has serious repercussions as sensitive court data could threaten the lives of witnesses and upend ongoing and pending criminal investigations.[3] The attack exploited unresolved vulnerabilities that had been known since the previous attack.[4] As in the previous attack, Russia is suspected of being behind the breach this time as well.[5] The U.S. federal courts released a statement following the attack announcing their commitment to “further enhancing security of the system and to block future attacks.”[6] The current filing system, which was rolled out in the mid-1990s and early 2000s, has been flagged as being “outdated” and “not sustainable.” However, its decentralized nature makes it a complex and expensive problem to tackle. As of now, there is still no timeline for a new system.[7]

References:

[1] Sakellariadis, John; Gerstein, Josh (August 6, 2025). “Federal Court Filing System Hit in Sweeping Hack.” Politico

[2] Polantz, Katelyn; Graef, Aileen (August 14, 2025). “Federal Courts Go Old School to Paper Filings After Hack to Key System.” CNN.

[3] Sakellariadis, John; Gerstein, Josh (August 8, 2025). “Cartels May Be Able to Target Witnesses After Major Court Hack.” Politico.

[4] Sakellariadis, John (August 12, 2025). “Hack of Federal Court Filing System Exploited Security Flaws Known Since 2020.” Politico

[5] Goldman, Adam; Thrush, Glenn; Schwartz, Mattathias (August 12, 2025). “Russia Is Suspected to Be Behind Breach of Federal Court Filing System.” New York Times.

[6] U.S. Courts (August 7, 2025). “Cybersecurity Measures Strengthened in Light of Attacks on Judiciary’s Case Management System.” U.S. Courts.

[7] Schwartz, Mattathias (September 3, 2025). “Federal Courts Slow to Fix Vulnerable System After Repeated Hacking.” New York Times.