Monthly Archives: October 2022

UWF Experts Works to Protects Cars from Cyberattacks

“Almost all modern automotive vehicles are equipped with some form of electronic connectivity through GPS devices, smartphones, telematics devices, roadside sensor units, on-board devices, WiFi, among others,” Francia said. “On one hand, these connectivity features provide newly found conveniences. On the other hand, they provide an expanded attack surface that adversaries can take advantage of.”

Francia explained one example is an adversary successfully taking control of a vehicle’s speed on a busy interstate highway. He has been part of a research group known as the Transatlantic (US-Ireland-Northern Ireland) working group on IoT/CPS Cybersecurity Research. Their research has uncovered several cyber threats related to connected vehicles including that the radio frequency signal from keyless remote fob transmitter can be intercepted and cloned for replay attack; the vulnerabilities in automotive controls due to insecure communication channels; the susceptibility of the inter-vehicle network due to an insecure protocol; and the viability of Machine Learning techniques in recognizing various attacks on the vehicle network.

Francia’s research project on securing connected cars from cybersecurity threats began in 2019. It has received funding support from the National Security Agency, the Florida Center for Cybersecurity, the Office on Naval Research and the Florida Department of Transportation. The workshop was supported by the National Science Foundation (USA), Department for the Economy (Northern Ireland), and Science Foundation of Ireland (Republic of Ireland).

For more information on UWF’s Center for Cybersecurity, visit

Article available at

2022-10-27T10:42:35-04:00October 27, 2022|

Sriram Chellappan

Dr. Sriram Chellappan is Cyber Florida’s academic director of research and a professor in the Department of Computer Science and Engineering at the University of South Florida (USF) in Tampa, Florida. Previous to his appointment at USF, he was an associate professor in the Department of Computer Science at Missouri University of Science and Technology where he directed the SCoRe (Social Computing Research) Group. His primary interests lie in many aspects of how Society and Technology interact with each other, particularly within the realms of Smart Health and Cyber Security. He is interested in mobile and wireless networking, cyber-physical systems, and distributed and cloud computing. Dr. Chellappan’s research is supported by grants from the National Science Foundation, Department of Education, Army Research Office, National Security Agency, DARPA, and Missouri Research Board. He received his PhD in Computer Science and Engineering from the Ohio State University in 2007. Dr. Chellappan received the NSF CAREER Award in 2013, the Missouri S&T Faculty Excellence Award in 2014, the Missouri S&T Outstanding Teaching Commendation Award in 2014, and the Missouri S&T Faculty Research Award in 2015.

Research Interests

Socio-technical systems; cybersecurity; smart health; cyber-physical systems; mobile and wireless computing

Teaching Interests

4930/6930: Information Security and Privacy in Distributed Systems;
6611: Operating Systems


PhD in Computer Science and Engineering, Ohio State University (2007)

Honors and Awards

Missouri S&T Outstanding Teaching Commendation Award (2015)
Missouri S&T Faculty Research Award (2015)
Missouri S&T Faculty Excellence Award (2014)
NSF CAREER Award (2013)

Key Activities

Invited Speaker at International Conference on Orange Technologies (ICOT) (December 2015)
Invited Speaker at International Conference on Collaboration Technologies and Systems (CTS) (June 2015)
Technical Program Committee Member, Percom 2016, Infocom 2016, AINA 2016, MSN 2015
IEEE Member

2023-06-05T17:23:07-04:00October 25, 2022|

Charles Shirer – the custom t-shirt wearing CEO who went from Nintendo to Network Security

2022-11-14T18:27:30-05:00October 25, 2022|

Cyber Florida Launches Statewide Cybersecurity Risk Assessment for Critical Infrastructure

Oct. 21, 2022—Tampa, Fla– The Florida Center for Cybersecurity (Cyber Florida) at the University of South Florida and Florida Digital Service are working together to launch the state’s first statewide assessment of both public and private critical infrastructure cybersecurity pursuant to House Bill 5001, Appropriation 2944B. The appropriation provides $7 million in funding to Cyber Florida to “conduct a comprehensive risk assessment of the state’s critical infrastructure and provide recommendations to support actionable solutions for improvement of the state’s preparedness and resilience to significant cybersecurity incidents.”

The assessment is part of a significant investment by the Florida Legislature to enhance the state’s cyber resiliency, dubbed “CyberSecureFlorida.” The initiative also includes a $30-million statewide cybersecurity awareness and upskilling training program for public sector employees and establishing a cyber range to help public cybersecurity and information technology professionals learn to detect, prevent, and mitigate cyberattacks. Law enforcement personnel will also be able to use the cyber range to learn digital forensics and evidence-gathering techniques.

“Florida lawmakers have made an unprecedented investment in the state’s cyber resiliency,” said General (Ret.) Frank McKenzie, Executive Director of Cyber Florida. He continued, “This risk assessment will enable Cyber Florida to start building a statewide community of cybersecurity leaders and practitioners centered on Florida’s collective cyber resiliency.”

The assessment consists of an online survey of roughly 150 questions using the Cyber Security Evaluation Tool (CSET) created by the Idaho National Laboratory and the Department of Homeland Security. Cyber Florida is leveraging Idaho National Laboratory’s critical infrastructure cybersecurity expertise through a Strategic Partnership Project (SPP). Florida is the first state in the nation to conduct a statewide survey using CSET.

The CSET link will open on Oct. 20, 2022, at Participation is voluntary, and Cyber Florida is encouraging all critical infrastructure organizations in the state, both public and private, to participate. Participants will receive a custom risk assessment report for their organization, which they can use to apply for potential grant funding. All data will be kept confidential and housed on secure servers at Cyber Florida’s host institution, the University of South Florida.

The data will be compiled and reviewed by researchers at MITRE working with Cyber Florida to create a report for the Florida Legislature and Governor DeSantis. The report will outline the aggregate, anonymized findings and recommend potential legislation and funding initiatives to enhance and fortify the state’s critical infrastructure cybersecurity posture.

To learn more about the assessment, please visit


The Florida Center for Cybersecurity, also known as Cyber Florida, was established by the Florida Legislature in 2014 to help position Florida as a national leader in cybersecurity through education, research, and outreach. Hosted by the University of South Florida, Cyber Florida leads an array of initiatives to inspire and educate future and current professionals, support industry-advancing research, and help people and organizations better understand cyber threats and what they can do to stay safer in cyberspace.


2023-04-05T17:27:39-04:00October 21, 2022|

Lauren Zabierek – the co-founder of #ShareTheMicInCyber and Cybersecurity Project Executive Director at Harvard’s Belfer Center

2022-10-27T09:11:44-04:00October 21, 2022|

Imposter Syndrome – How Can We Overcome the Feeling That We Don’t Belong?

2022-10-27T09:12:18-04:00October 21, 2022|

The First Meeting – Tashya Denose and Pam Lindemoen Interview Each Other (did they just become best friends?)

2022-10-27T09:13:52-04:00October 21, 2022|

Halloween Hijinks: An Interactive Code Cracking Webinar for Students

This free webinar is open to all K-12 students wishing to learn some code-cracking skills! Join us for a spooky time!

2022-11-03T16:03:44-04:00October 20, 2022|

Colorado State Website Attacked by Russian Hacktivists

I. Targeted Entities

  • Colorado’s official website

II. Introduction

Colorado state officials say that on Wednesday, October 5, 2022, Colorado’s website was rendered unusable as the result of an apparent cyberattack after a known Russia-based hacker group made a Telegram post saying that it would be targeting U.S. state websites. While the U.S. election system is largely disconnected from the Internet, state websites are prime targets for hackers who want to undermine confidence in elections.

III. Background Information

The cyberattack flooded the state’s website with web traffic, and is a common and simple way to disable websites. There is no indication that any of Colorado’s internal systems were accessed or that its election systems were compromised.[1] However, given how close this attack is to the U.S. midterms, experts say that the attack could give the false impression that U.S. elections are vulnerable to foreign interference.[1]

Killnet, the group responsible for the attack, is a Russian-aligned group that claims to be made up of amateur hacktivists who support Russian’s international interests. Killnet adheres to the same model that Ukraine’s IT Army (the IT Army is a Ukrainian government-affiliated movement that frequently posts a list of Russian websites on Telegram for supporters around the globe to try to overwhelm with traffic). The tactic Killnet uses to overwhelm websites with traffic is known as a distributed denial of service, or DDoS.[1] On Wednesday, KillNet posted a list of 12 target states to its Telegram channel: Alabama, Alaska, Colorado, Connecticut, Delaware, Florida, Hawaii, Idaho, Indiana, Kansas, Kentucky, and Mississippi.[1]

It is unclear if other states were affected, but federal officials have repeatedly stated that they do not expect a cyberattack to affect the midterm elections. The Cybersecurity and Infrastructure Security Agency (CISA), which oversees federal cybersecurity support for election infrastructure, released a joint announcement with the FBI saying, “any attempts by cyber actors to compromise election infrastructure are unlikely to result in large-scale disruptions or prevent voting.”[2]

Because DDoS attacks are simple to conduct and don’t inflict lasting damage or give criminals access to hidden information, cybersecurity professionals and other hackers generally regard them as unimpressive. However, Killnet has started becoming more effective at making websites unreachable, and has the potential to cause significant disruptions.[1]


  • T1498 – Network Denial of Service
    Killnet performed a DDoS attack to degrade and block the availability of targeted websites. Network DoS can be performed by exhausting the network bandwidth services rely on.

V. Recommendations

  • Set antivirus programs to conduct regular scans
    Ensure that antivirus and antimalware programs are scanning assets using up-to-date signatures
  • Monitor malware
    Continuously monitor current and new types of malware. Stay up to date on intel and advancements to prevent, defend, and mitigate these types of threats.
  • Turn on endpoint protection
    Enable endpoint detection and response (EDR) to stop unknown malware in the product you’re using.

VI. Indicators of Compromise (IOCs)

Because of the nature of this threat advisory, there are no IOCs. However, it is important that businesses and entities create a business continuity and disaster recovery plan in case a DDoS attack were to occur.

VII. References

(1) Collier, Kevin. “Cyberattack on Colorado State Website Follows Russian Hacktivist Threat.” NBCUniversal News Group, October 6, 2022.

(2) “Malicious Cyber Activity Against Election Infrastructure Unlikely to Disrupt or Prevent Voting.” FBI & CISA Public Service Announcement, October 4, 2022.

Threat Advisory created by The Cyber Florida Security Operations Center. Contributing Security Analysts: Dorian Pope, Sreten Dedic, EJ Bulut, and Uday Bilakhiya.

2022-10-19T14:07:46-04:00October 19, 2022|

Cyber Florida Names Ernest Ferraresso as New Director

October 4, 2022 – Tampa, Fla. – The Florida Center for Cybersecurity at the University of South Florida (USF), also known as Cyber Florida, is delighted to announce that Ernest “Ernie” Ferraresso has been selected to serve as Cyber Florida’s new Director, overseeing the center’s day-to-day operations under Executive Director General (Ret.) Frank McKenzie.

Ferraresso previously served as Cyber Florida’s Associate Director of Programs and Partnerships, leading numerous essential projects and initiatives and helping the center grow from a regional entity to a statewide organization. Among his achievements, Ferraresso built strategic public and private partnerships across Florida to forge a strong cyber workforce and worked to implement programs focusing on education, research, and engagement to advance Florida’s cyber resilience

Before joining Cyber Florida in 2017, Ferraresso was Director of Operations for a small technology design and integration firm, overseeing the design and implementation of cybersecurity and emergency operations center technology solutions in the U.S. and Latin America. He is a retired U.S. Marine Intelligence Officer whose work included assignments with U.S. Special Operations Forces, the Intelligence Community, the George C. Marshall European Center for Security Studies, and U.S. Cyber Command.

“Ernie is a highly respected member of the Cyber Florida team,” said General (Ret.) Frank McKenzie. “His expertise, prior exemplary service at Cyber Florida, collaborative leadership style, and ongoing commitment to the mission made him the standout candidate for this role. I am entirely confident that, under his leadership, Cyber Florida will continue to flourish and secure its rightful place as the nation’s preeminent center for cybersecurity.”

Ferraresso describes his vision for Cyber Florida’s future as being the mechanism at the heart of Florida’s efforts to stand as the national model for a statewide culture of cyber resiliency and collaboration. “Florida has made significant investments in advancing public sector cybersecurity as well as building a robust cyber industry and workforce across the state,” noted Ferraresso. He continued, “There are many entities, both public and private, working toward the same goals across the state, and I see Cyber Florida as the nexus of these efforts, connecting, enabling, and facilitating the initiatives and resources needed for Florida to realize its goal of being the national leader in cybersecurity.”



The Florida Center for Cybersecurity, also known as Cyber Florida, was established by the Florida Legislature in 2014 to help position Florida as a national leader in cybersecurity through education, research, and outreach. Hosted by the University of South Florida, Cyber Florida leads a spectrum of initiatives to inspire and educate future and current professionals, support industry-advancing research, and help people and organizations better understand cyber threats and what they can do to stay safer in cyberspace.


2023-04-05T17:27:51-04:00October 19, 2022|