Cybersecurity is often thought to be the science of making sure Big Brother can’t read your emails or that hackers can’t steal your bank account number.
Experts like Mourad Debbabi, a professor with the Concordia Institute for Information Systems Engineering (CIISE) and university research chair in information systems security, however, know that cybercrime can have a far greater disruptive effect beyond personal security.
Debbabi points to a recent instance where a major cyber attack on a Ukrainian power company resulted in nearly a million people losing electricity just before Christmas.
Mourad Debbabi: “Sometimes it’s organized crime, sometimes it’s state sponsored, sometimes it’s hackers looking for fame.”
“These attacks, they’re not annoyances — they’re national security matters, they’re public safety matters,” Debbabi says, adding that they can dramatically affect crucial public services such as hospitals, police stations, banks and anywhere else with computerized systems.
Investigating these attacks and devising and refining cybersecurity reinforcements is Debbabi’s raison d’être. It’s also the mission of the CIISE, which he was hired to help shape in 2003. Debbabi says the institute is one of the first programs in Canada to fully specialize in cybersecurity.
“The primary focus is to do interdisciplinary research on information systems applied to all engineering disciplines,” he says. “The department is a research institute. We don’t offer undergrad programs — just master’s and PhD programs. We are research intensive by design.”
CIISE has graduated a few hundred students so far, and the resulting research cluster is hugely important for cybersecurity in Canada. Through its own work and partnerships with the Natural Sciences and Engineering Research Council (NSERC) and other institutions and companies, CIISE professors and researchers have been working on digital fingerprinting, cyberthreat intelligence and other facets of online security.
Prem Sooriyakumar, who works with Concordia’s Office of Research and is helping to coordinate the event, says those in attendance can expect to hear a conversation that oscillates around the fight between a world where almost every business and government service is online, and our need to have our personal information protected.
“The event is an opportunity to hear two researchers in a non-academic context discussing specific issues about cybersecurity,” Sooriyakumar says.
Debbabi and his team monitor all kinds of attacks and offer a few numbers to help quantify their potential for maximum damage. There can be upward of 5,000 distributed denial of service attacks around the world on any given day, he says, and at least 30,000 attacks in any average week.
“It’s a huge problem,” Debbabi says. “Sometimes it’s organized crime, sometimes it’s state sponsored, sometimes it’s hackers looking for fame. But the damage is there, regardless of who’s doing it.”