There is no business, no IP, where some mechanism hasn’t attempted to break in to see if and how much of the information inside can be extracted. A long-range cyberattack occurs every 39 seconds, which is 2,000 cyberattacks per day, on average. 25% of these fall into the category of destructive cyber attacks. The cost of these attacks to the global economy is estimated at $8.15 trillion and is expected to exceed $13 trillion by 2028.

The data was presented by Andreas Simeonidis, professor of Software Development Techniques at the Department of Electrical and Computer Engineering of the Aristotle University of Thessaloniki, at an event for the presentation of the Cybersecurity Seminar Program, which is being launched at the Aristotelian University with funding of $1 million from Google.org and is aimed at students of the three universities of Thessaloniki.

The dangerous “paths” of the internet for data theft

There are five cyber security areas in which the need to further develop mechanisms to counter malicious attacks is urgent and ever-evolving. The first of these is cloud computing, the so-called cloud services offered by various technology providers for storing files. “82% of the data breaches that occur involve data that resides in cloud environments,” Symeonidis said, explaining that “this is the classic space where most attacks will occur, because that is where most of the data is and therefore where there is the most room for someone to be able to strike.”

12% of cyber-attacks take place in processes related to the supply chain. As the professor explained, “when we buy something from the internet, for example from a big online store […] in general at that moment someone is always focused there to be able to intercept specific information”, as “it seems that there is still a gap there, because there is a big demand and a big exchange of information“.

The third area of security concerns the IoT (internet of things, a network for communication between electronic, home and other devices). “Now everyone wears a smartwatch, has a smart fridge, a smart TV, devices the way of communication between them is very specific and if you can get into a smart environment you can essentially access all the information that exists,” Symeonidis said.

The fourth area is privacy (data privacy), as many users use basic models without knowing where their information is located, where it is stored and how it is reused. The fifth area has to do with the huge development of AI, where on the one hand the available technologies can help improve cybersecurity systems by guiding those who are not overly skilled in these technologies to be able to identify problems, but on the other hand they can be used maliciously, e.g. in impersonation attacks.

“It’s the now classic problem where impersonation, being able to pretend to be someone else has become too easy. If, for example, I give a speech and then there is my speech on YouTube, someone with AI mechanisms can impersonate my voice. So if I use voice commands in my car or in my house or I have a Google nest or anything related, now it’s easy for someone to do me by pass on whatever devices I use […] or I can get the information using e.g. “I can get the information or use some mechanisms to change an image and fool a system that uses facial recognition,” Simonides said, explaining that new systems are needed to protect users and critical infrastructure.

Simonides said that new systems are needed to protect users and critical infrastructure.

“We now have smart electricity meters, smart water meters, lots of smart meters. And if someone can get into the system, either by identifying a fault at the device level or at the communication level, mechanisms will have to be developed which will protect the system,”
he added.

What it means to have our information intercepted

But how is a cyber attack valued for a user and for an organisation? According to Symeonidis, stealing a user’s passwords and charging their credit card is simply “the good scenario, in the sense that the user will be aware of this, you will have a cost and there are now mechanisms in place that can somehow protect them and essentially limit the exposure.”

But if it’s a business, an organization, the cost of a cyber attack is huge and has been estimated at an average of $4.45 million per attack on an organization. “So overall, there is a huge cost in a cybersecurity attack, but there is also a huge cost in how one can develop a mechanism to deal with it,” the professor stressed, explaining that based on the way the cybersecurity landscape is shaping up, there is a need for people working in the field who have been trained in a particular discipline to be retrained so as to improve their cybersecurity skills.

Students will be trained by AUTH and Google to work in cybersecurity for businesses in Northern Greece

The Google.org Cybersecurity Seminars program is organized at 23 selected universities from 15 countries in Europe, the Middle East and Africa. It gives the opportunity for free training to students of all disciplines to gain skills in the field of Cybersecurity, where there is a shortage of 350,000 positions in Europe (20,000 positions in Greece) by 2026. The program includes paid internships in organisations/companies.

The Aristotle University of Thessaloniki has been selected to organize the Google.org seminars in Greece. At least 200 students from the Aristotle University, the University of Macedonia and the International University of Greece are to be trained.

Each of the 3 seminars includes 65 hours of lectures, 35 hours of supervised practice and 35 hours of assessment through problem solving. Those who successfully complete the program will be admitted to the internship program. An equal opportunities policy by gender is applied and a number of places will be allocated to students from underrepresented groups.

“We are now part of a partnership of European universities, from which we learn and what we learn we pass on to those who will be trained in these seminars. It is an ambitious program that aims to provide interdisciplinary education on cybersecurity, so we have invited students from all disciplines. It aims to facilitate the students’ training on practical problems, so that the students can then provide protection from cyber threats to businesses and organizations in Greece as part of their internships,” said Panagiotis Katsaros, professor of the Department of Computer Science at the Aristotle University of Thessaloniki and responsible for organizing the cybersecurity seminars, presenting the objectives of the program.

Referring to surveys on cybersecurity education in Europe, Mr. Katsaros noted that there are significant differences in the availability of study programs per country and in Greece we have comparatively more programs at postgraduate level, “so these seminars could be a preparation for a postgraduate degree for those students who are interested”.

The first seminar, to be held on December 6, is on “Operating Systems, in Communication Networks and their Security”, the second seminar is on “Internet Security – Network Security Issues” and the third seminar is on “Principles of Cyber Security Hygiene and Basic Threats and Attacks through Operating Systems”.

The response of the student community of the city targeted by the program exceeded the expectations of the organizers. “In total in the three seminars we will train more than 200 students. In the first seminar we initially said we would accept 100 students and we already have 240 applications for the first seminar, with the deadline being December 2, so we are seriously considering increasing the number,” Katsaros told APE-MPA, adding that in the context of his participation in the inaugural meeting of the program’s partners from all countries, which will be held in the next few days in Malaga, he will ask for more places to be opened for students in Greece.

The Rector of AUTH, Prof. Charalambos Fidas, welcoming the presentation event of the program, said that “the confidence that Google.org showed in the proposal of AUTH is, among other things, a recognition of the high level of education offered by the University in cutting-edge technology subjects such as cybersecurity.” In the greeting sent by the Secretary of Higher Education of the Ministry of Education, Nikos Papaioannou, he stressed that “the cooperation with google proves the high scientific level of the colleagues of AUTH and benefits both undergraduate and postgraduate students and society”.

“As the Region of Central Macedonia, we are at the disposal of the AUTH to assist in the creation of a register of businesses that will welcome students for internships and to cooperate in information and training activities”, said the Vice-Regional Head of Digital Governance of Central Macedonia Nikolaos Jollas in his greeting.

“The country has been very high on the issue of cybersecurity so far, as significant steps have been taken to digitize public services and as the country’s digitization evolves, cybersecurity must evolve as well,” said the president of the Association of Technology and Information Technology Enterprises of Greece (SETPE), Theophilos Mylonas, noting that the cybersecurity sector in Greece needs about 9,000 new scientists every year.