A cybercrime superhero? It takes a genius

Stefan Savage, ’02, earned a MacArthur “genius” grant for his innovative, action-packed research on cyber security.

stefan savage, uc san diego

The internet can be a scary place. Stefan Savage is making it a little safer.

In one study, the UC San Diego professor and his team helped credit card companies shut down spammers who were selling counterfeit goods online. They did it by treating spam like an industry: People are making money off of it, so how do you shut those businesses down?

“We went undercover and pretended to join these criminal organizations,” Savage says. If you’re wondering: No, that is not a normal thing for a computer scientist to do.

And that’s not even Savage’s most unconventional tactic. In another project, he ordered a fleet of General Motors cars and hacked their operating systems, remotely turning the brakes off. In one demo, a graduate student in San Diego hacked a car in Seattle.

“We’ve added computers and networking to common products, and we did it for a good reason, but it creates a risk,” Savage says.

By exposing these risks, his team brought awareness to a security threat before it existed. “The time to do something about your security problems is not when you’re in crisis,” he says. “But it’s kind of Darwinian: If you don’t have a threat, there’s no reason for the security to get better.”

As for what you can do to stay out of trouble online? Avoid clicking on emails that you don’t have a strong reason to receive, Savage says. And when the emotional content is high—You won! You’re in trouble!—be extra skeptical: scammers heighten your emotions to turn off the logical part of your brain.

“When you’re getting a free lunch,” Savage says, “you should be suspicious.”