July 6, 2021
Cybersecurity expert on weekend supply-chain attack
WEST LAFAYETTE, Ind. — A weekend cyberattack by hackers hit thousands of companies around the globe. The ransomware barrage focused on supply chain and resulted in a demand of $70 million by the hackers.
Santiago Torres-Arias, an assistant professor of electrical and computer engineering at Purdue University, is working to establish new solutions in cybersecurity, including in the field of software supply chain. A system is only as strong as its weakest link, he said, and in supply chain security, hackers will search to find that one program in a chain of software that is vulnerable and hack it.
“Someone writes a little program and it gets embedded in other systems again and again until it ends up in a power grid program or another high-stakes computer,” Torres-Arias said. “And that tool then becomes a target for attackers that want to, say, break into the power grid.”
More on his expertise:
- Torres-Arias is the core developer or outright creator of many tools dedicated to software supply chain security under the Linux Foundation.
- He has a focus on computer engineering in software supply chain, bolstered with additional research in password storage mechanisms and software update systems, working to ensure that the way people create software and hardware does not compromise the security and privacy of its eventual users.
- He is a member of Purdue’s Center for Education and Research in Information Assurance and Security (CERIAS).
- He was recently quoted in Wired.
Media contact: Brian Huchel, 765-494-2084, bhuchel@purdue.edu
About Purdue University
Purdue University is a top public research institution developing practical solutions to today’s toughest challenges. Ranked the No. 5 Most Innovative University in the United States by U.S. News & World Report, Purdue delivers world-changing research and out-of-this-world discovery. Committed to hands-on and online, real-world learning, Purdue offers a transformative education to all. Committed to affordability and accessibility, Purdue has frozen tuition and most fees at 2012-13 levels, enabling more students than ever to graduate debt-free. See how Purdue never stops in the persistent pursuit of the next giant leap at https://purdue.edu/.
Note to journalists: Journalists visiting campus should follow visitor health guidelines.