The Public Eye with Eric Chabrow

Helping Enthusiasts Profit from Their Hacking Skills

Helping Enthusiasts Profit from Their Hacking Skills

A popular theme in fiction is of two close childhood friends, exposed to the same harsh neighborhood conditions growing up, who follow divergent paths as they reach adulthood: one becomes a police officer, the other a gangster.

That fine line between good and evil can be found, at times, among computer enthusiasts who have the skills to hack into computer systems. The U.S. Cyber Challenge, an organization formed to direct young people to do good, not evil, with their skills, held three treasure hunt competitions this summer in California, Delaware and New York. Dozens are planned for next summer. The competition is preceded by a camp, where participants receive IT security training from the likes of the SANS Institute, a cybersecurity training and certification organization.

Sometimes inquisitiveness, not malevolent intent, gets the better of these computer aficionados, and they edge into the netherworld of criminality. As Orange County, Calif., community college student and computer enthusiast Kyle Osborn says:

"It's really easy to accidently break a law in the computer world because curiosity can easily overcome commonsense.

Osborn, 19, helped design a U.S. Cyber Challenge competition held earlier this summer at the Polytechnic Institute of New York University in Brooklyn, N.Y., in which teams of four - mostly college students (though a few contestants topped 30 years of age) - broke into computer systems to capture flags. The teams got credit not only for the number of flags captured - actually long strings of code - but for the artistry of their hacks. Indeed, three of the four teams in Brooklyn tied for the most captured flags - 11 - but as winning team member Alex Levinson, 21, a Rochester Institute of Technology computer major, explains:

"A flag count is one thing, but you got more points for more valued prizes. We got into the credit-card database of the network, that was a pretty highly valued target. We were able to, actually do a call from their network, having to seem like it came from their network, essentially convincing them that we were calling from the next room over. They gave us an award for that, too."

U.S. Cyber Challenge Director Karen Evans says showing computer enthusiasts that they can profit by using their hacking skills is a primary goal of the challenge:

"One of the questions we always get asked is, 'How do you know they won't go to the dark side?' And, there is no guarantee. But what I believe, in the heart of hearts, is that everybody wants to do the right thing. ... People don't wake up every day and say, "Gosh, I want to break the law.' ... What they want to do is to contribute positively to society, so this is really capitalizing on this curiosity and competitive nature, and highlighting everything that is good about how you can do this for the greater good."

Along with the camp and competition, U.S. Cyber Challenge also holds what Evans calls a job fair, more of a meeting with a handful of organizations such as the National Security Agency, to inform participants of career opportunities that await their talent. Says Evans:

"What they really would like is a roadmap. How can I navigate through all of this to get a job I really want to do, that I really love and it is not a job.

See our mini-documentary on the Brooklyn competition: U.S. Cyber Challenge: Searching for the Good Hacker.



About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.