The Stanly News and Press (Albemarle, NC)

State & National News

October 9, 2013

Pennsylvania teens hone hacking skills in contests

Wednesday, October 9, 2013 — Computer-savvy teenagers are testing their skills in cyber-contests designed to teach them how to protect the government and private companies from hackers.

The events are sprouting up across the country under the guidance of federal officials who are keen to boost their agencies' computer-defense forces and high school teachers who want to prepare their students for high-paying IT jobs.

At Baltimore's Loyola Blakefield prep school, a team of students meets twice a week after classes to practice for the Maryland Cyber Challenge, which is being held this week at the Baltimore Convention Center. At the event, they'll have to debug viruses from their computer and defeat mock attacks by cybercriminals played by IT professionals.

"They work together as problem-solvers, and they really like the challenge," says Steve Morrill, the school's director of technology and coach of the cybersecurity team.

The contests include "Toaster Wars," an online hacking game sponsored by the National Security Agency, and CyberPatriot, a national challenge that has grown from nine teams in 2009 to more than 1,200 this year.

During the final round of the 2013 competition, staged last March at the Gaylord National Resort at National Harbor in Maryland, Kevin Houk and five classmates sat in a darkened room, huddled around a monitor and looking for any sign of attack. The teenagers, who at the time attended Marshall Academy, a program that draws students from public schools around Fairfax County, Va., were trying to prevent "black hat" programmers from activating hidden viruses in the students' computer network. The Marshall group had to protect its servers from outside intrusions and defuse ticking time bombs that may have been lurking inside.

"It's a lot like gaming, because you don't know what's going to happen," said Houk, who took computer classes at Marshall Academy. "You always have to keep on your toes."

Now a freshman at Penn State University, Houk hopes to become a cyberwarrior, someday protecting corporate or national assets and information from foreign invaders or meddlesome hackers. "Cyberwarfare is the war of tomorrow, and we don't have enough soldiers on the cyber battlefield," he said. "I just want to be one of those."

The Pentagon's Cyber Command is planning to expand its cyberwarrior force from 900 to nearly 5,000. But there's a hitch: Applicants must have exceptionally clean records. That means no arrests or expulsions for hacking into school computers or shutting down Web sites.

While students are taught advanced computer skills during the lead-up to these cyber-contests, they also receive training in computer ethics, according to Scott Kennedy, assistant vice president and principal systems engineering manager at SAIC, a defense contractor and computer security provider based in Northern Virginia. So serious are contest organizers about fair play that some students have been kicked out for getting into other teams' computers or defacing Web sites.

Houk and other students interviewed at the Gaylord contest say they know the line between a white hat and a black hat.

"We are trained in offensive security, or ethical hacking, but we do know how to monitor a network like a school and watch all the traffic going through," Houk said. "And if it's encrypted, we do know how to break that."

The advisor to Marshall's team calls himself a "gray hat," someone who knows the good and bad sides of cyberwarfare and security. Ryan Walters said he got into trouble as a young man for hacking into computers without permission and was given a choice by a judge to either go to jail or join the military.

"I joined the Air Force," said Walters, who now runs TerraWi, a small start-up specializing in security for mobile devices. "Six months later, I was doing cyberdefense for the military. I became very good at what I do because I understand how the bad guy thinks. I went from black hat to gray hat. I could never be a white hat."

Walters, who has more than 60 students enrolled in his after-school cyberdefense program at Marshall, said he teaches his students "the black-hat mentality; I'm not teaching them how to be bad guys."

Morrill, the Loyola Blakefield coach, also is concerned that some of the skills the students are learning could cause damage.

"I tell them: 'You guys better be on the good side, and you can earn a good living,' " Morrill said. "If we approach students at a younger age and instill those values, the country is going to be better off."

Walters says revelations about leaks by Edward Snowden about the NSA's domestic surveillance programs forced him and other teachers to revamp their lesson plans. In fact, during the summer, two of his students worked at Washington area defense contractors as systems administrators, the type of job that Snowden once held, albeit not with the same access to classified data.

"I teach that it's a bad thing" to leak, Walters said.

The growing interest in cyberdefense contests for young people comes at a time when Pentagon officials are warning about computer attacks from China and other nations.

And it's not just the government that is vulnerable. Utilities, power companies, tech firms, banks, Congress, universities and media organizations all have faced attacks in the past few years. In August, the Web sites of several news organizations, including The Washington Post, were hacked by a group calling itself the Syrian Electronic Army, which supports Syrian President Bashar al-Assad.

"The threat has evolved so quickly," said Diane Miller, director of information security and cyber initiatives for Northrop Grumman, which is a lead sponsor of the CyberPatriot contest. "It really has created a sense of urgency."

Northrop Grumman has hired 40 former CyberPatriot participants, including four who are working in the company's cybersecurity control center. "I tell the students that it's a position of trust," she said.

While most experts agree that introducing young minds to advanced computer skills is a good thing, some worry that the efforts need to be more broad than deep. They say that training a few highly skilled cyberwarriors is less important than having lots of people with adequate knowledge on how to avoid getting hacked.

"There's this tendency to go for the cream of the crop," said James Lewis, senior fellow at the Center for Strategic and International Studies and author of a recent study on computer security vulnerabilities in U.S. firms. "The debate is 'Do you need a team of computer special forces, like Navy SEALS or cyber-ninjas? Or something more like regular forces?' "

Other security experts say that computer defense skills aren't the weak link in the cyber-espionage game. It's the little everyday mistakes that cause problems — giving your password to a colleague or leaving your laptop in a cab, airport or coffee shop, according to Fred Cate, director of the Center for Applied Cybersecurity Research at Indiana University.

"We need people trained not just how to write code for stronger protections," Cate said, "but also systems to guard against human behavioral attacks."

1
Text Only
State & National News
  • The waffle taco's biggest enemy isn't McDonald's. It's consumer habits.

    Gesturing to Taco Bell, Thompson said McDonald's had "not seen an impact relative to the most recent competitor that entered the [breakfast] space," and that new competition would only make McDonald's pursue breakfast more aggressively.

    April 23, 2014

  • Cuba is running out of condoms

    WASHINGTON - The newest item on Cuba's list of dwindling commodities is condoms, which are now reportedly in short supply. In response, the Cuban government has approved the sale of expired condoms.

    April 23, 2014

  • NCSU Study: People Pay More Attention to the Upper Half of Field of Vision

         A new study from North Carolina State University and the University of Toronto finds that people pay more attention to the upper half of their field of vision – a finding which could have ramifications for everything from traffic signs to software interface design.

    April 23, 2014

  • NC State Receives $25 Million NNSA Grant to Develop Leaders, Improve Technological Capabilities for Detecting Nuclear Proliferation

    NC State today was awarded a five-year, $25 million grant by the National Nuclear Security Administration’s (NNSA) Office of Defense Nuclear Nonproliferation Research and Development to develop the next generation of leaders with practical experience in technical fields relevant to nuclear nonproliferation. NC State was selected by NNSA over 22 other proposals following a competitive process that began in May 2013.

    April 23, 2014

  • Winter created urge to get out of town

    This year's harsh winter contributed to an exodus of travelers seeking refuge from the weather by booking tours, cruises and hotels in record numbers, according to AAA Carolinas Travel Agency. Trips taken by those booking through AAA, the largest leisure travel agency in the Carolinas, showed an increase in tours (15 percent), cruises (12 percent) and hotels (33 percent) over the first quarter of 2013.

    April 22, 2014

  • NCSU Study: The Trials of the Cherokee Were Reflected In Their Skulls

    Researchers from North Carolina State University and the University of Tennessee have found that environmental stressors – from the Trail of Tears to the Civil War – led to significant changes in the shape of skulls in the eastern and western bands of the Cherokee people. The findings highlight the role of environmental factors in shaping our physical characteristics.

    April 22, 2014

  • Do your genes make you procrastinate?

    NEW YORK - Procrastinators, in my experience, like nothing better than explaining away their procrastination: General busyness, fear of failure, and simple laziness are just a handful of the excuses and theories often tossed around. Now researchers from the University of Colorado Boulder have added another option to the list: genetics.

    April 22, 2014

  • NCSU STUDY: Impurity Size Affects Performance of Emerging Superconductive Material

    Research from North Carolina State University finds that impurities can hurt performance – or possibly provide benefits – in a key superconductive material that is expected to find use in a host of applications, including future particle colliders. The size of the impurities determines whether they help or hinder the material’s performance.

    April 22, 2014

  • U.S. Archivist to Speak at NC State Commencement

    David S. Ferriero, archivist of the United States, will deliver NC State’s commencement address on Saturday, May 10, at 9 a.m. at the PNC Center in Raleigh.

    April 22, 2014

  • Smartphone kill switches are coming

    Smartphones need kill switches. It's a relatively easy solution to the pricey (and irritating) problem of smartphone theft. But who would have thought that the big carriers would team up with Apple, Google, Microsoft, Nokia, Samsung and lots of other manufacturers to voluntarily begin adding the technology by July 2015? The cooperative spirit! It makes so much sense!

    April 20, 2014

House Ads
Seasonal Content