Earlier this month, Virginia Tech was targeted with an email threat, claiming they would break into the Blacksburg, Va. campus and kill people. What does that mean and how is a cyber threat like this investigated? WVEC, the ABC affiliate in Hampton Roads, Va., talked to Sera-Brynn Chief Information Officer Darek Dabbs about cybersecurity, email threats and forensic investigations in cases like this.
Click here to watch the news clip or read the transcript below.
Janet Roach, WVEC: Virginia Tech was targeted in an email threat yesterday and it still isn’t clear who’s behind it. Someone visiting William and Mary who has a Virginia Tech email address also received the email threat. Whoever sent the message claimed they would break into the Blacksburg campus and kill people. Police are taking it very seriously, especially after the 2007 shooting that claimed the lives of 32 people. But in the age of social media it’s easier than ever to send a violent threat anonymously. So what can be done about it? Joining us in the studio is Derek Dabbs from the cybersecurity firm Sera-Brynn. Thank you so much for joining us and this really is scary but how do you even begin to investigate something like this?
Derek Dabbs, Sera-Brynn: When you investigate it, each email has, behind the email address itself, where it truly came from. Bad guys can alter their “from” line on your email address to make it look like it’s coming from some place it’s not, but what they can’t change is the addresses of how the mail is routed.
Roach: So eventually, it can be traced.
Dabbs: Yes it can. You can find the computer that may have sent it, but connecting that computer to the person touching that keyboard is the biggest challenge.
Roach: How often does something like this happen?
Dabbs: Daily…because we are looking at worldwide. Anybody can jump on the Internet, create an email address and then send an email out to anybody at any time.
Roach: How do you warn people about it? How do you prevent it from happening? (If) it’s something that happens daily, you can’t really stop it.
Dabbs: Sure, you’re correct. You can’t really stop it. Really the only avenue is vigilance. Training people to recognize indicators of fake or phishing emails and then in the case of the Virginia Tech email, having the diligence to evaluate the credibility of the risk and then making proper decisions after the fact.
Roach: If someone receives an email like that, they should report it immediately, right?
Dabbs: Definitely…to their local law enforcement or campus security, or if the threat is even real to the federal law