Enter your email address:

Thursday, February 4, 2016

David Harding; A Recent DSU Graduate!


A special congratulation goes out to David Harding for recently graduating on December 12, 2015 from Dakota State University with a Bachelor’s degree in Computer and Network Security with specializations in Cyber Operations and Information Assurance. DSU is one of four schools in the nation that offers classes in computer security. Of those four schools, DSU is the only public university.

David had originally started out at South Dakota School of Mines and Technology where he was double majoring in Electrical Engineering and Physics when the Army called him to attend an Officer Basic Course in Ft. Sill, Oklahoma, forcing him to put his college career on hold.

David and wife, Princess, will be celebrating their 20th wedding anniversary on February 11th! He has two step-children, Armando and Leticia. Armando currently serves as a drill sergeant at Ft. Still, OK and is married with 5 children; Madison, Jaydon, Jace, Austin, Jaxon, and has one on the way! His daughter, Leticia, lives in Pierre and has two children named Damian and Abagail.

Throughout the years, work, marriage, military, and life in general put David’s college plans on the back burner. After his children were grown and he retired from the military, David found that he had more free time, so he decided to go back to school.

When asked what the hardest part about this whole experience was, David explained, “The grand kids missing reading bedtime stories at night. They would get a couple of weeks in between semesters where I could read them their books. I tried to read them my books, but they just were not that into them.”

The most difficult class he encountered was Reverse Engineering. David went on to say that the class was harder than the Atomic and Quantum Mechanics course he had previously encountered at SDSM&T. He described, “Imagine a puzzle that has no edges and solid white color. Reverse Engineering is solving a puzzle finding the source code of a program by examining the assembly language of a disassembled binary file.”

Although some parts brought adversity, David thought the experience as a whole opened a new window of opportunity for him. He explained, “I could not turn a blind eye toward computer security- so why not embrace it? For one thing, I like the challenge. That explore-new-world-feeling in a subject that is extremely scary. And making the Honor Roll twice as a full-time student with a 4.0 GPA.”

When asked if David planned on getting his Masters, he responded “Hmm… Let me think about that… I need some time off from school for a little while. DSU does have a Doctorate program in Cyber Security and I can start from a Bachelors. I am interested, but, looking at the number of credits and the cost? If I can find a scholarship, maybe?”

To top it all off, David was also inducted into the National Society of Leadership & Success. See if you can find him in this picture!

http://dsu.edu/news/the-national-society-of-leadership-and-success-chapter-at-dsu-inducts-38-ne -

In David's free time, he serves as a member of both the Society for Creative Anachronism (a living history group with the aim of recreating medieval history) and the Capitol Area Pickleball Association. For those of you who aren't familiar with pickleball, David explains it as being like "ping pong, but played on a tennis court and with a whiffle ball." Aside from that, you can find David fixing and cleaning friends computers over a glass of wine or beer.

While BIT is very proud of your accomplishments David, a couple of your coworkers had a few words to say:

“David showed a very focused dedication to achieving his degree through many years of schoolwork. He achieved his goal of a Bachelor’s degree. Congratulations, David!”
- Deni Kromarek

“David is the research and analytical mind of our team, always willing to take on challenges that are sure to expand his ever-growing knowledge of the IT field. Going back to school was another one of those challenges that he tackled head-on, and I admire his determination to see his goals all the way through.”- Brian Oakland

“David has brought valuable programmatic and analytical skill to the web administration team, due to his background in development and pursuing education since. He also is a very helpful person that developers and agency users find very enjoyable to work with. The BIT Data Center is happy to have him as a member of our team.”- Tony Rae

Congratulations on your accomplishment, David! BIT is proud of you! 

Friday, January 29, 2016

Yet, Another Scam You Need To Be Aware Of


Eric Springer, an Australian developer who had previously worked at Amazon as a software developer engineer, described himself as “a security conscious user who follows the best practices—using unique passwords, two-factor authentication, only using a secure computer, and being able to spot phishing attacks from a mile away.”

Which is more than most of us could probably say about ourselves.

Even so, Eric still became a victim of an ever-growing hacking method known as “Social Engineering.” Social Engineering is “a non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. It is one of the greatest threats that organizations today encounter.”

Eric’s story began when he received a seemingly harmless, yet what he believed to be misdirected, email from Amazon:

http://cdn.arstechnica.net/wp-content/uploads/2016/01/1-CNpX88cuvGqyNLhJvxYW8A-640x322.png


Being the security cautious user he is, Eric decided it was better to be safe than sorry and went on to contact Amazon to see what this email was all about. Amazon informed Eric that he had previously had a conversation with Amazon support. Luckily for Eric, this “conversation” was a text chat, and Amazon was able to email him the following transcript:

http://cdn.arstechnica.net/wp-content/uploads/2016/01/1-MmASv_H55KXTzO3u8ZVQnQ-640x385.png


Before going forward, a couple things to note:
  • The address given by “Eric Springer” is not his actual address. It was a fake address of a hotel located in the same zip code of where Eric actually lived. 
  • The REAL Eric Springer had previously registered some domains on whois.net (a website that allows you to look up who is registered to an individual domain name) where he used this fake hotel address in attempt to protect his identity.
  • The hacker was able to locate this information on whois.net and then provide it to the Amazon representative. 
  • The Amazon Customer Service Representative presumably only looked at the zip code and not the rest of the address.

http://cdn.arstechnica.net/wp-content/uploads/2016/01/1-Iux_MAbuCnbIM_6TdDFYtg-640x532.png

To sum it up, essentially from looking up his personal information on whois.net, the hacker was able to provide fake details from Eric Springer’s account and obtain his real address and phone number in exchange. Unfortunately, the attacker was also able to contact Eric’s bank to issue them a new copy of his credit card. Yikes.

Also, unfortunately for Eric, this was not the last encounter he would have like this. Although Eric had attempted to take further precautionary measures by requesting a note be put on his account that he was at “extremely high risk of social engineering and will always be capable of logging in,” Eric’s account and information was compromised two more times.

Eric’s advice for users?

“Continue to be extremely careful with information you share. Even big companies like Amazon can’t keep it safe.”

Citations:http://searchsecurity.techtarget.com/definition/social-engineering

http://arstechnica.com/security/2016/01/how-amazon-customer-service-was-the-weak-link-that-spilled-my-data/