Local Nonprofit Teaches How to Hack for Good
Defending against cybercrime
By Michael Crane
Last year Vineel Adusumilli took a weeklong course on computer hacking. Cybercrime professionals taught him how to find weaknesses in online security systems and then he was given his own advanced workstation to hone his skills, all free of charge.
However, although he was discovering how criminals think, Adusumilli was actually learning how to defend against security breaches as part of the Cyber Boot Camp, hosted by Securing Our eCity Foundation (SOeF). Since 2011 the nonprofit foundation has offered free workshops to businesses, families, students, and seniors across San Diego in an effort to thwart cybercrime.
“Cyber touches everyone and we simply have to have people become more aware of their day-to-day practices — how they tend to make themselves safer,” said Liz Fraumann, executive director at SOeF. “All companies, all businesses, and all organizations should be educating their staff on the basics.”
Securing Our eCity first began in 2008 as an initiative by ESET North America, an antivirus and Internet security company. After years of making software to protect computer users from cyber criminals, researchers at ESET found that the real problem often lies between the keyboard and the chair — with the human user.
The goal of SOeF is to raise awareness of the basic steps everyone can take to protect themselves online. In 2011 the foundation received its official 501(c)(3) status and have been spreading the word ever since. The foundation’s workshops reached more than 4,000 people in 2013 alone.
“What we’re actually doing is teaching them how do you find vulnerabilities; how do you find places that could be exploited?” said Fraumann. “Sometimes it’s just a lack of common sense. People still today don’t change their username and password when it comes out of the box. If people do things like that, it would prevent a lot from what’s going on already.”
A wary digital citizen in her personal life, Fraumann is the ideal captain for the foundation. She only accepts contacts on LinkedIn if she has personally met the person for coffee. She opts out of websites like Spokeo that collect personal information, and she prefers to use gift cards for online purchases, rather than a credit card.
“I very rarely use credit cards,” she said. “If I use a credit card I go with my credit card unless I can see the person swiping it in the register with my own eyes.”
Fraumann has actually followed servers into the back of restaurants in the past because she is so conscientious of cyber crimes.
Although not all will go to the same lengths as Fraumann, she does have some simple tips everyone should follow.
If you have a wi-fi network in your home or business, don’t broadcast your network and make sure to require a password for access.
Many people forget about smart phones when it comes to Internet security, but they can be just as vulnerable. If you have an Android phone, be sure and install an anti-malware product and read the fine print in all applications. Seemingly harmless apps such as a flashlight may actually be collecting personal information from your phone.
With passwords, any single word in the dictionary can be breached in 11 seconds, so long, unusual phrases or passwords with numbers and symbols are best. To make it easy to remember, keep a similar passphrase for all of your accounts but change a single word in each.
“That really makes it very complex and it certainly can’t be breached as easily as the other passwords,” said Fraumann.
Every business, organization, and family should follow these basics, as well as know what to do if there is a security breach. Many times being safe online isn’t a matter of spending more money on better technology or IT personnel, but simply reviewing these fundamentals with every family member or employee. At no cost, SOeF will provide a one-hour workshop to any sized group in San Diego.
Securing Our eCity is also working to encourage local students to consider cyber-security as a profession. 2014 marked the fifth year of the San Diego Mayor’s Cyber Cup, a competition of technological prowess between more than 50 teams of middle and high school teams. SOeF sponsors the cup and invites the top three winners to attend a weeklong Cyber Boot Camp.
Last year Vineel Adusumilli was on the winning team at the Mayor’s Cyber Cup and earned a place at the Boot Camp.
“I think I got a lot of hands-on experience in actually breaking into computer networks,” said Adusumilli. “It’s good for people to be aware of the different ways they can potentially be exploited or attacked so that they’re able to protect themselves.”
During the boot camp, aspiring cyber defenders hear from professionals in a variety of tech fields and get an opportunity to practice finding vulnerabilities at an ESET facility. Law enforcement officials also explain the strict penalties for cyber crimes and boot camp participants pledge to use their new skills to make the Internet safer.
Adusumullii plans to continue studying computer security after graduating from the Cyber Boot Camp and he has already been offered an internship for a company involved in Internet security.
“I think that my experience with cyber security and my experience with the boot camp helped me get that job,” he said.
To download resources on cyber security, schedule a workshop, or learn more about Securing Our eCity Foundation, visit www.securingourecity.org.
The Boot Camp Experience
Some of San Diego’s most computer-savvy high school students are learning how to hack a network in order to prepare themselves for a career in cyber security.
Two dozen students from three local high schools spent a recent week at Cyber Boot Camp in the San Diego offices of ESET, an international computer security company. “We are learning how to hack, but hacking in a good way,” said Chloe Crisostomo, a junior at Mira Mesa High. “In order to learn how to secure, we have to learn how to hack.
In one session, students heard such terms as “decoys,” “replay attack,” “cloning,” and “USB port attack” as Cameron Camp, a security researcher at ESET, held up examples of devices used to attack networks.
“You have to understand the network in order to know how to break it,” Camp told the students, adding a warning that, “All your targets are not what they seem.”
The students participating are from Canyon Crest Academy, Westview High School and Mira Mesa High School, the top three teams in the Mayor’s Cyber Cup earlier this year.
The boot camp is sponsored by the Securing Our eCity Foundation, which funds cyber-security programs to raise awareness among businesses, families, youth and seniors.
In addition to hands-on training, students hear from law-enforcement officials and top researchers about this growing challenge. As a result, says Liz Fraumann, executive director of the foundation, students learn “you don’t just have to sit behind a keyboard to be a cyber professional.”
Cyber crime is on the rise nationally, and has led to a surge in demand for skilled professionals. The number of jobs in San Diego is expected to grow by 13 percent this year.
Fraumann said the foundation hopes the boot camp will lead to internships for the participating students in coming years.