Well, maybe John Robb was wrong about the Pentagon… because here they are, announcing a recruitment contest for young hackers with the intention of turning them into military cybersecurity professionals.
The competitions, as planned, go far beyond mere academics. The Air Force will run a so-called Cyber Patriot competition focused on network defense, fending off a “Red Team” of hackers attempting to steal data from the participants’ systems. The Department of Defense’s Cyber Crime Center will expand its Digital Forensics Challenge, a program it has run since 2006, to include high school and college participants, tasking them with problems like tracing digital intrusions and reconstructing incomplete data sources.
The security-focused SANS Institute, an independent organization, plans to organize what may be the most controversial of the three contests: the Network Attack Competition, which challenges students to find and exploit vulnerabilities in software, compromise enemy systems and steal data.
All that stuff that the Chinese aren’t supposed to be able to do to US systems, in other words. The brass are worried that China’s got the jump on them as far as young hacker talent is concerned:
China, for its part, may be well ahead of the U.S. in cybersecurity education and recruiting, Paller argues. In a hearing before the Senate’s Homeland Security last month, Paller told the story of Tan Dailin, a graduate student in China’s Sichuan province who in 2005 won several government-sponsored hacking competitions and the next year was caught intruding on U.S. Department of Defense networks, siphoning thousands of unclassified documents to servers in China. “China’s People’s Liberation Army is running these competitions all the time, aiming their recruits at the U.S.,” Paller says. “Shouldn’t we be looking for our best talent the way other countries are?”
But a parallel track of domestic cyber training raises the specter of U.S. government-trained hackers not only stealing data from foreign enemies–a diplomatically thorny prospect in itself–but also hacking other targets for fun or profit, and potentially becoming a rogue collection of skilled cybercriminals. “There probably could be a couple people we train that go to the dark side,” admits Jim Christy, director of the Department of Defense’s Cyber Crime Center. “But we’ll catch them and send a message. The good guys will outweigh the bad.”
You’ll catch the ones who aren’t so good at covering their tracks, perhaps. Still, I wonder if the same motivations will express. As mentioned before, China’s hackers are allegedly self-trained and motivated by their own patriotism; will the same apply to the geek demographic in the US, or will the young console cowboys see more opportunity (or less risk) in the civilian sphere? [via SlashDot; image by ioerror]