More stories

  • in

    How much can you make with an associate in cybersecurity?

    An associate degree in cybersecurity gives you the knowledge and skills to work on the front lines of electronic data safety while taking home a lucrative salary. The degree also allows you to pursue additional education to increase your earning potential.

    Because so many daily activities rely on technology, an associate degree in cybersecurity opens the door to entry-level positions across industries. As a two-year degree, an associate degree prepares you to work as a computer support specialist, data analyst, information security associate, and more. Below, we’ve rounded up what you need to know about associate degree in cybersecurity salary and job options.

    Jobs for a cybersecurity associate degree

    Cybersecurity, defined as the practice of keeping electronic information safe, extends into private and public sectors, through business and education, and across professions. Cybersecurity jobs include entry-level positions such as penetration testers and advanced roles like cybersecurity engineers. Cybersecurity job salaries vary by location and job title, as well as your experience, degree level, and other qualifications. Here are some common jobs for individuals with an associate degree in cybersecurity.

    Computer support specialist

    Median salary (2020): $55,510

    Description: Computer support specialists, also known as technical support specialists, provide assistance when technology-related problems arise. They help users and organizations by analyzing, troubleshooting, and fixing problems. Computer support specialists also carry out tests to evaluate system functionality, perform maintenance, and train others how to use software and hardware.

    Next steps: Network and computer systems administrator, software developer, information security specialist

    Cybersecurity analyst

    Median salary (2020): $76,623

    Description: Cybersecurity analysts assess security measures used to ensure the safety of an organization’s data. Cybersecurity analysts collect information about security access, intrusion attempts, and potential threats to present to colleagues and other information security professionals. They evaluate threats and help develop processes and standards for protecting networks, systems, and databases.

    Next steps: Information security analyst, cybersecurity engineer, information security manager

    Information security analyst

    Median salary (2020): $103,590

    Description: Information security analysts develop and implement security processes and practices to keep an organization’s data safe. They monitor networks, systems, and databases for threats, weaknesses, and security violations. Information security analysts look for ways to improve information safety, install and carry out upgrades, and research new standards of practice.

    Next steps: Information security manager, database administrator

    Network and computer system administrator

    Median salary (2020): $84,810

    Description: These professionals oversee the daily computer operations of an organization. Network and computer system administrators install, maintain, and evaluate networks and computer systems. They assess computer and network systems’ functionality and efficiency, implement upgrades to increase performance, and solve problems. Network and computer systems administrators often supervise computer support staff and train colleagues how to use software and hardware.

    Next steps: Computer network architect, computer and information systems manager, computer hardware engineer

    Penetration tester

    Median salary (2020): $92,870

    Description: Penetration testers evaluate electronic data security by carrying out tests to expose weaknesses in existing technologies. They conduct mock cyberattacks to help organizations identify and address potential vulnerabilities. Penetration testers may perform security tests on computer systems, networks, and web-based applications.

    Next steps: Information security manager, computer software engineer, senior penetration tester

    How can I make more money in cybersecurity?

    To advance in the field of cybersecurity, you benefit from experience and education. An associate degree in cybersecurity prepares you to pursue a bachelor’s degree in information technology, computer science, or a related discipline. Other cybersecurity training options include pursuit of industry certifications. To employers, cybersecurity certifications demonstrate your expertise and continued dedication to your position.

    Can you get a cybersecurity job with an associate’s degree?

    You can get an entry-level cybersecurity job with an associate degree. Common positions include computer support specialist and cybersecurity analyst. 

    Is a two-year degree in cyber security worth it?

    A two-year degree in cybersecurity is one way to enter the field of cybersecurity. An associate degree builds fundamental knowledge and skills to work as a cybersecurity professional. 

    What can I do with an associate in cybersecurity?

    With an associate in cybersecurity, you can find an entry-level position in the field. You are also equipped to pursue a bachelor’s degree and cybersecurity certifications.

    This article was reviewed by Brian Nichols

    Born and raised in upstate New York, Brian Nichols began his IT education through a vocational high school where he focused on computer science, IT fundamentals, and networking. Brian then went to his local community college, where he received his associate of science in computer information science. He then received his bachelor of science in applied networking and system administration from a private college. Brian now lives in Kansas City, where he works full-time as a DevOps engineer. Brian is also a part-time instructor in cybersecurity. He’s passionate about cybersecurity and helping students succeed. Brian Nichols is a paid member of the Red Ventures Education freelance review network.


  • in

    Schreiber Foods back to normal after ransomware attack shuts down milk plants

    Schreiber Foods said its plants and distribution centers are back up and running after a ransomware attack took down their systems earlier last weekend. The food production giant became the latest critical industry company to be hit with ransomware in recent months as cybercriminals continue to show little fear in attacking a variety of industries. Schreiber Foods mostly focuses on yogurt, processed and natural cheese as well as cream cheese.

    Andrew Tobisch, director of communications for Schreiber Foods, told ZDNet that the “cyber event” impacted their systems starting on Friday and lasting through the weekend. “That meant our plants and distribution centers couldn’t use those systems, which they need to run. It impacted all of our locations, but fortunately, we have a specialized response team that immediately jumped into action and began working to resolve the matter,” Tobisch said. “As a result, we’ve made great progress, and our plants began to come back online late Monday, October 25.”

    Wisconsin State Farmer reported this week that Schreiber — one of the biggest milk processors in the state — had been hit with a $2.5 million ransom demand after the attack. According to the news outlet, the company began telling milk transporters about the issues with their computer systems on Saturday, forcing the haulers to take the milk elsewhere. Employees told Wisconsin State Farmer that they were unable to even get in the building while the attack was being dealt with.

    The attack disrupted the entire milk supply chain because Schreiber uses a variety of digital systems and computers to manage milk processing. The company has thousands of employees and reports billions in sales each year, with locations across Europe and South America.

    Schreiber Foods is the latest food industry company hit with ransomware in recent months. Last week, CISA attributed two attacks on New Cooperative and Crystal Valley to the BlackMatter ransomware group in September. New Cooperative — an Iowa-based farm service provider — was hit with a ransomware attack on September 20, and BlackMatter demanded a $5.9 million ransom. Crystal Valley, based in Minnesota, was attacked two days later. Both attacks came as harvests began to ramp up for farmers.

    In the advisory, CISA, the FBI and NSA said BlackMatter has targeted multiple US critical infrastructure entities since July. In September, the FBI released its own notice warning companies in the food and agriculture sector to watch out for ransomware attacks aiming to disrupt supply chains. The FBI note said ransomware groups are seeking to “disrupt operations, cause financial loss, and negatively impact the food supply chain.” The notice listed multiple attacks on the food and agriculture sector since November, including a Sodinokibi/REvil ransomware attack on a US bakery company, the attack on global meat processor JBS in May, a March 2021 attack on a US beverage company and a January attack on a US farm that caused losses of approximately $9 million.

  • in

    Ransomware: Police sting targets suspects behind 1,800 attacks that 'wreaked havoc across the world'

    Twelve people have been targeted by an international law enforcement operation for involvement in over 1,800 ransomware attacks on critical infrastructure and large organisations around the world. A statement by Europol describes the 12 suspects in Ukraine and Switzerland as “high-value targets” responsible for “wreaking havoc across the world” by distributing LockerGoga, MegaCortex, Dharma and other ransomware attacks against organisations in 71 countries.

    But it’s unclear if the individuals have been arrested or charged – a Europol spokesperson told ZDNet that “the judicial process is ongoing”.


    The suspects are believed to have various different roles in “aggressive” criminal organisations responsible for encrypting networks with ransomware and demanding a payment in exchange for the decryption key.

    Some of the suspects are thought to be involved in compromising the IT networks of targets, while others are suspected of being in charge of laundering Bitcoin payments made by victims. Europol says that those responsible for breaking into networks did so by using techniques including brute force attacks, SQL injections and sending phishing emails with malicious attachments in order to steal usernames and passwords.

    Once inside the networks, the attackers remained undetected and gained additional access using tools including TrickBot malware, Cobalt Strike and PowerShell Empire, in order to compromise as many systems as possible before triggering ransomware attacks.

    As a result of the operation, over $52,000 in cash was seized, alongside five luxury cars. A number of computers have also been seized and are being examined in order to secure evidence and identify new leads. In total, more than 50 investigators from agencies around the world – including six Europol specialists – were involved in the operation, which was coordinated by Europol’s European Cybercrime Centre (EC3).

    This included: Norway’s National Crime Investigation Service; France’s National Police and the Public Prosecutor’s Office of Paris; the Dutch National Police and National Public Prosecution Service; Ukraine’s National Police of Ukraine and Prosecutor General’s Office; the United Kingdom’s National Crime Agency (NCA) and Police Scotland; Germany’s Police Headquarters Reutlingen; the Switzerland Federal Police and Polizei Basel-Landschaft; and the United States Federal Bureau of Investigation (FBI) and Secret Service. A recent European Union Agency for Cybersecurity report warned that ransomware is the biggest cybersecurity issue facing the world today.

  • in

    Google fixes two high-severity zero-day flaws in Chrome

    It’s time to update Chrome and once again, for the third month in a row, Google has fixed two previously unknown ‘zero-day’ bugs in the world’s most popular desktop browser.

    Google disclosed that it had patched the two high-severity zero-day flaws in release notes for the stable release of Chrome version 95.0.4638.69 for Windows, Mac and Linux. Any version number higher than that will have the fixes.


    It’s a good idea to check out Google’s support page for Chrome updates, which explains how Chrome can be set to automatically update when patches become available. Otherwise, Chrome has an ‘Update’ button that is coloured red if an update is at least a week old, indicating that it should be installed.

    The two zero-day flaws — which are being exploited by attackers now — are being tracked with the identifiers CVE-2021-38000 and CVE-2021-38003. Both were found by Google’s Threat Analysis Group (TAG), which tracks state-sponsored and cyber-criminal exploit activity. The second of the two zero-days was also reported by Samuel Groß from Google Project Zero on 26 October, indicating how fast Google is responding to zero-day discoveries.

    CVE-2021-38000 is a design flaw due to “insufficient validation of untrusted input in Intents”. It was reported by TAG on September 15.

    CVE-2021-38003 — a memory corruption flaw, according to Google Project Zero’s zero-day tracker — is described vaguely as “inappropriate implementation in V8”. V8 is Chrome’s powerful JavaScript engine that Groß hopes to shore up with additional sandboxing protections. As he noted in his proposal, V8 bugs allow attackers to create “unusually powerful exploits” that are hard to mitigate with existing security technologies.

    “Google is aware that exploits for CVE-2021-38000 and CVE-2021-38003 exist in the wild,” Google said in release notes. The update will roll out over the coming days or weeks, according to Google. There are eight, mostly memory-related, security fixes in this Chrome update. The currently listed high-severity flaws include a use-after-free in Sign-in, another use-after-free in Chrome’s garbage collection, insufficient data validation in Chrome’s New Tab page, a type confusion in V8, and a use-after-free in Web Transport.

    This Chrome release marks the 14th zero-day flaw Google has patched in Chrome this year. The 10th was in mid-September when it patched two zero-days. It patched two more zero-days at the end of September and a further two on Thursday.

    Google hasn’t attributed the exploits to any hacking group. That Google has patched an unusually high number of zero-day flaws in Chrome in 2021 could be interpreted in several ways. The more that get discovered and the quicker they’re fixed via updates is good for end-users. Once patched, the exploit is less valuable. This could mean defenders are getting better at spotting zero-days.

    On the other hand, Google Project Zero has seen an uptick in zero-days affecting major platforms like Chrome, Windows, and iOS in the past year. The reason for that could be the commercialisation of the zero-day exploit market, providing a shortcut to the acquisition of exploits that otherwise require skills to develop.

  • in

    AFP confiscates AU$1.7m from Sydney man who stole Netflix, Spotify, Hulu accounts

    Australian Federal Police (AFP) has ordered an individual to forfeit AU$1.66 million for stealing the log-ins and passwords for Hulu, Netflix, and Spotify accounts. The culprit, based in Sydney, conspired with another individual from the US to steal the log-ins and passwords of streaming service customers and then sold them online at a cheaper rate. The AFP began investigating the matter in May 2018, after it was tipped by the FBI about a now-defunct account generator website called WickedGen.com. WickedGen was a website that sold stolen account details for online subscription services, including Netflix, Spotify, and Hulu. The account details belonged to unknowing victims in Australia and internationally, including the US. The Sydney individual was found to be the creator, administrator, and primary financial beneficiary of WickedGen and three other sites that offered similar services. Across the four websites, the offender had over 150,000 registered users and provided almost 86,000 subscriptions to illegally access legitimate streaming services. The Sydney-based individual pleaded guilty to stealing these log-ins and passwords in October last year. After the guilty plea, the AFP’s Criminal Assets Confiscation Taskforce (CACT) obtained restraining orders over the individual’s cryptocurrency, and bank and PayPal accounts that were held under false names. All up, the AFP has collected AU$1.66 million from the charged individual, with AU$1.2 million of that amount being cryptocurrency.

    The funds will be redistributed by the Department of Home Affairs for supporting crime prevention, law enforcement, and community-safety related initiatives, the AFP said. The charged individual will now face a prison sentence of two years and two months. The use of online subscriptions has been on the rise in Australia, with almost the same number of Australians watching content from online subscription streaming services, like Netflix, when compared to those who watch free-to-air television. The findings, published by the Australian Bureau of Communications, Arts and Regional Research, found that the popularity of over-the-top services has continued to grow as 70% of Australians watched this type of content as of the end of last year, which is almost triple the amount from 2016.

  • in

    Services Australia testifies Cellebrite tech only used for fraud and identity theft cases

    In testimony to Australia’s Senate Estimates, Services Australia said its use of Cellebrite software has only been for looking into fraud and identity theft matters. Cellebrite, an Israeli digital intelligence company, is best known for its controversial phone-cracking technology, which it previously claimed could download most data from almost any device on behalf of government agencies. “We’re very aware that we have a role of assurance over AU$200 billion of social support in Medicare and Centrelink programs and so the integrity of those outlays is important,” Services Australia acting-deputy CEO of payments and integrity Chris Birrer said. “We do have a system of compliance in terms of ensuring that people are complying with their mutual obligations under the income support payment and that we take very seriously making sure people are paid the right amount.” Facing questioning around how Services Australia uses Cellebrite’s technology, Birrer said it is only used in fraud and identity theft cases, which has included cases where people have falsely claimed the government disaster relief payments, uploaded images that do not relate to Australia to commit fraud, and stolen the identities of actual customers to hijack payments. According to The Guardian, Services Australia reportedly has a AU$1.2 million contract with the digital intelligence company.  When asked by Senators whether Services Australia could guarantee that the privacy rights of Australian citizens would not be violated, Birrer answered vaguely, opting to instead explain how the agency provides information to customers about how to make reporting changes.

    “We publish all information in relation to what [customers’] obligations are in terms of particularly reporting changes of circumstances. That’s made very clear in terms of when people enter onto payment and in the information we provide. In fact, we’ve got a lot of success now in nudging people and presenting information to customers just to remind them to report changes in circumstances that might have resulted in an adjustment to their payment,” he said.

    Services Australia, which falls under the Minister for Government Services’ remit, was also questioned about its handling of robo-debt, the government income compliance system that wrongfully issued debts to hundreds of thousands of people. Of the AU$752 million owed by the government for its bungled robo-debt system, AU$740 million has so far been refunded, Services Australia CEO Rebecca Skinner told Senate Estimates. The remaining AU$12 million, which is owed to around 9,200 customers, continued to be outstanding as the agency is still trying to locate these customers, Skinner said. She explained that these customers were harder to find due to estate issues and some of them no longer being customers. Throughout Services Australia’s appearance, Minister for Government Services Linda Reynolds was also repeatedly asked why she continued to refuse to provide documents about the legal advice Services Australia received in implementing robo-debt. Reynolds, in response, maintained that Services Australia’s claim to public interest immunity continued to stand.

    Since the end of 2019, a Senate committee has been seeking for Services Australia to provide information regarding the legal advice it received in implementing the robo-debt system, while the agency has refused to provide that information under a claim of public interest immunity. Services Australia’s claim of public interest immunity was rejected in February last year as the Senate committee said the reasons provided for that claim to exist were insufficient. The committee then similarly rejected Reynolds’ claim of public interest immunity in August.

    “The Senate has now rejected your PII claim on multiple occasions. And this is now hitting the point where it’s absolutely obstructive to the work of the Senate on behalf of the Australian people. We’re not talking about a few people here. Hundreds of thousands of Australians was served any legal debt by your government,” Labor Senator Deborah O’Neill said.

  • in

    Manual certificate management falling way behind PKI growth

    Public key infrastructure (PKI) is a system of processes, technologies, and policies for encrypting and signing data. It plays an essential role in authenticating users, servers, devices, software, and digital documents. Yet enterprises are struggling with the growing number of PKI certificates they must manage, and many are considering PKI automation to address this problem, according to a new DigiCert report.

    The report, “State of PKI Automation 2021,” explores how organizations are handling the challenge of PKI certificate management. Expired certificates are a problem because they disable encryption and create an attack surface for hackers. DigiCert commissioned ReRez Research to survey IT leaders from 400 global organizations of 1,000 employees or more. The survey focused on specialists managing digital certificates for users, servers, and mobile devices.

    The report revealed that today’s organizations manage more than 50,000 certificates, a steep upsurge from previous years. More than half (61 percent) are concerned about the time it takes to manage certificates. According to 37 percent of the respondents, their organization has three or more departments managing certificates, which creates silos that hide certificates from IT security teams until something goes wrong.

    A lot of unmanaged keys are out there

    A typical organization has as many as 1,200 certificates that are unmanaged, while 47 percent of organizations say they often discover rogue certificates. Rogue certificates are essentially a form of shadow IT, certificates that are ordered outside the purview or processes of IT and frequently are neglected and not managed. This is causing major problems for organizations, such as outages due to certificates expiring unexpectedly, which two-thirds of the respondents have experienced. Even more troubling, one in four organizations have experienced five to six PKI-related outages in the past six months.

    Organizations struggling with PKI certificate management lack visibility into their certificate deployment landscape and need PKI automation. In fact, most organizations (91 percent) are thinking about it. Only 9 percent of the respondents aren’t discussing PKI automation and have no plans to do so. For 70 percent of the respondents, a solution is likely to be implemented within 12 months. A quarter of the respondents are either implementing or have finished implementing a solution. To gauge how companies are approaching PKI automation, DigiCert separated the respondents into groups of leaders and laggards. The results showed major differences between the two groups. Not surprisingly, 33 percent of those in the leader category are more likely to say PKI automation is important.

    When diving deeper into the data, the report found the leaders are two or three times better at reducing PKI security risks, avoiding PKI downtime, minimizing rogue certificates, managing digital certificates, and meeting PKI service level agreements (SLAs). In contrast, the laggards — those who aren’t skilled at managing PKI certificates — experience problems with compliance, security, and delays. They’re also less productive, overworked, and losing revenue.

    Reining in rogue certificates

    Furthermore, PKI management leaders are more accountable for their certificate inventories, whereas laggards are less concerned. When comparing the two groups, the leaders reported fewer certificate-related outages or rogue certificates.

    While most organizations believe PKI automation is important, the transition isn’t easy. Respondents cited several challenges related to automation, such as cost, complexity, compliance, and resistance to change by staff and management. That’s why DigiCert recommends organizations take several key steps to assess their PKI certificate management prior to automation. Organizations should:

      • Identify and create an inventory of the entire certificate landscape, from TLS to code signing, and client certificates.
      • Remediate keys and certificates that don’t comply with corporate policies.
      • Protect with best practices for issuance and revocation.
      • Standardize and automate enrollment, issuance and renewal.
      • Monitor for new changes.

    Common certificate workflows include web servers, device identity, code signing, digital signatures, and identity and access functions. When automating certificate workflows, DigiCert recommends organizations should identify unmanaged or manual certificate workflows, adopt automation software that centralizes and manages certificate workflows, and finally, monitor with centralized visibility and control of the workflows.

  • in

    Luxury hotel chain in Thailand reports data breach

    A luxury hotel chain in Thailand is reporting a data breach thanks to a notorious group of cybercriminals who have been behind a spate of attacks in recent weeks. Thirayuth Chirathivat, CEO of Centara Hotels & Resorts, said in a statement that on October 14, they were “made aware” of a cyberattack on the hotel chain’s network.

    An investigation confirmed that cyber attackers had in fact breached their system and accessed the data of some customers. The data accessed includes names, booking information, phone numbers, email addresses, home addresses and photos of IDs. The company did not say if the IDs accessed included passports, which are often asked for by hotels like Centara Hotels & Resorts.

    “Whilst the breach has been successfully contained, the investigation into the source, root cause and complete extent of the incident remains ongoing and we will provide more information when it becomes available,” Chirathivat said.

    Chirathivat went on to urge the hotel’s customers to “change their passwords as soon as possible, and to remain aware of any suspicious or unsolicited calls and/or emails requesting personal information.” “We can confirm that we at Centara Hotels & Resorts will not be contacting you to ask for any personal identifiable information,” Chirathivat added, noting that anyone with questions should email or call the hotel.

    The Desorden Group — which claimed responsibility for two recent attacks on laptop maker Acer — said it was behind the attack on Centara Hotels & Resorts. In addition to the hack on Centara Hotels & Resorts, Desorden claimed to have breached the servers of Central Group, which owns the hotel chain and more than 2,000 restaurants across Thailand. That breach involved 80 GBs of files including personal information of customers and business details of each restaurant. In messages to ZDNet, the group claimed the hotel hack was part of the larger attack on Central Group. Central Group is owned by the Chirathivat family, who are worth $11.6 billion. The family, led by Tos Chirathivat, controls thousands of food, fashion, property and building materials businesses across Thailand.

    The hacker group, which has attacked a number of companies across Asia in recent years, would not respond to questions about whether this was a ransomware attack but claimed they “basically brought down their entire backend, which consists of 5 servers.”

    They said they stole 400 GB of files over the course of 10 days and added that the data includes information about anyone who stayed at any of the 70 luxury hotels owned by the Thai conglomerate between 2003 and 2021. They claimed the data includes people’s passport numbers and ID numbers. There was even data from people who booked in advance until December 2021.

    The stolen files also allegedly include business data and employee information. The group tried to claim that they were “assisting” the hotel by showing them how they might “mitigate future attacks” and said they were the ones who notified the company that they had been hacked. Operators connected to Desorden said they were negotiating a ransom payment of $900,000 but the company backed out of the deal on Tuesday. The group is now threatening to leak the information.

    Centara Hotels & Resorts and Central Restaurants Group did not respond to requests for comment about the claims made by the hackers. The Desorden Group also claimed an attack on the Malaysian servers of ABX Express Enterprise in September.