I Want To...
I Want To...
Find Research Faculty
Enter the last name, specialty or keyword for your search below.
School of Medicine
I Want to...
Circling the Dome
Defending Against Cyberattacks
Every day and all night long, spammers, scammers, crooks, spies and robots jiggle the doorknobs on the Johns Hopkins Medicine computer network, trying to find a way in.
Darren Lacey, chief information security officer, leads a team working hard to stay one virtual deadbolt ahead in the high-stakes world of cybersecurity.
“We generally block 3 million to 5 million intrusion attempts a day—in addition to knocking down spam and things like that,” says Lacey, who is also responsible for protecting most of The Johns Hopkins University. Lacey packs a laptop that can monitor both Johns Hopkins networks in real time and instant-message staff members when something looks suspicious.
“Ninety-nine percent of these attacks are automated,” he says. “They are essentially scanning the internet, looking for vulnerabilities. They are not intelligent attacks, as a general matter. A substantial proportion of what we block is internal computers on the Johns Hopkins network calling out to sites that are used by attackers as ‘command and control’ systems.”
Lacey’s cybersecurity staff of about 20 people is 30 percent larger today than it was just three years ago. They devote much of their time to running scans and penetration tests to determine any vulnerabilities.
“Penetration testing tries to find weaknesses that hackers might try to exploit,” Lacey explains. “Once, the goal was to be as stealthy as possible so that no one would know that you were testing them. Now I try to be a little noisier. The goal is for departments to be able to monitor their own systems well enough to see whether they’re being attacked. We’re looking for someone to come back to us and say, ‘What the heck is going on with my server?’”
Making his team’s job more difficult is the sheer number of devices—an estimated 100,000, including smartphones and home computers—on the network on any given workday. They generate close to 1 billion sessions a day, he says.