Hacking Exercises for the Good Guys

On the first week of April 2013, USA Today reported about the hacking of Israeli government websites, which coincidentally followed after the group Anonymous warned of a massive cyberattack. Among the institutions allegedly attacked were the Defense and Education Ministry, the Bureau of Statistics, and a few banks.

The offensive was characterized by homepages being replaced with anti-government slogans. However, the state’s expert on cryptography and network security, Shlomi Dolev, sees the silver lining amidst all these. He said it is a good test to know whether Israel’s defense systems are actually working, especially in the face of even more serious attacks in the future.

Even the Associated Press was not spared from cyberattacks. On the last few days of the same month, hackers got into the Twitter account of the newsgathering organization and posted a prank message about Obama being injured and the White House being under attack. With the Boston bombing just days before it, the post was taken seriously by followers.

It took minutes before Associated Press was able to reclaim control of the account and correct the misinformation. The consequence of the incident to the stock market is more distressing though. Almost $200 billion equity value were lost that day, as stocks were sold sharply and fast after the fake news came out.

Of course, with cyberattacks becoming almost a daily occurrence, you can expect the good guys to step up against shadowy criminals. In New York University, for instance, a group of twenty-something teenagers meet up every week and train to become white-hat hackers.

Their main goal is help government agencies and businesses protect their websites from attacks on the Web. Much like spies operating from behind the keyboard, these college students hone their hacking abilities while turning up electronic funk music and eating pizza.

Of course, what they do is actually not real-life hacking; it is illegal, regardless of one’s purpose. Instead, they collaborate with their professors and industry experts in creating exercises that expose them to simulated hacking scenarios. Among the most common instruments used by hackers is the Internet Explorer browser.

One classic case is the June 2011 hack that tried to access numerous Google e-mail accounts, an attack that was eventually traced back to China. The group’s mentors recreated the exploit and had the students map out how the criminal was able to infiltrate private networks through access to a desktop computer.

While such schools as Carnegie Mellon, Purdue, and Georgia Tech are quite popular for their excellent cybersecurity programs, the NYU-Poly in Brooklyn seems to be gaining votes as the best training ground when it comes to hands-on experience and mission-critical work. Much of this may be credited to Hack Night, an annual hacking competition every fall and is the largest contest of its kind in the country.