The Drury university is in the cyber security news for its attempt to hack the city of Springfield. However, it was done with the intent to understand the effectiveness of cyber risk management across the city.
What’s the matter?
The city of Springfield entered into a partnership with Drury University to improve its network security against malicious hackers.
At the same time, it was a rare opportunity offered to a few cybersecurity students to understand the risks from cyber breaches against systems.
This was the second year of the partnership between the city and the university and was conducted under the guidance of seniors as part of their capstone project.
During the test, the students had to attack the network in the way that a malicious hacker would, looking for vulnerabilities that would allow a hacker to compromise assets. The students then prepared a report on the findings, which would be used by the city as well to improve its security.
Significance of such exercises
According to Shannon McMurtrey, assistant professor in cyber risk management, the rise in ransomware attacks against organizations was the primary reason for launching such exercises.
As a part of this exercise, the students were able to hack into several unpatched desktops, laptops, or mobile devices which were believed to be protected and non-exploitable by threat actors.
Understanding risk management in cybersecurity in real-time through training and exercises is believed to help grow cybersecurity skills among individuals. Through real-time training, everyone, including students, gets to know better about offensive and defensive cyber security techniques.