Interview with Ed Skoudis: SANS Cyber Guardians hack to help America win the cyberwar

Did you know we have Cyber Guardians who protect the world from cybercrime?


The spirit of these cyber warriors can be seen in the SANS Cyber Guardian shield. "It has two encoded messages: The first is a Latin Message, 'Sapere aude' which means 'Dare to be wise.' The second message is written in binary code and means 'That I may serve.' Combined these two messages capture the essence of a true SANS Cyber Guardian. Cyber guardians are always protecting vital systems and information. The shield and swords are also a symbol of protection. The colors represent both the offensive and defensive side of cyber security."

The first part of the interview with Ed Skoudis focused on malicious hacking and the threat to America's cybersecurity. This is the second part.

Interview with Ed Skoudis about the SANS Cyber Guardian program.

Uncle Sam is outgunned and desperately needs hackers with skills to stop cyber mayhem. Although Gen. Keith Alexander, the head of U.S. Cyber Command, said cyberattacks on enemy computer systems should require presidential authority, Homeland Security Secretary Janet Napolitano said DHS is contemplating 'proactive' cyberattacks, "having tech companies participate with the government in 'proactive' efforts to combat hackers based in foreign countries."

To defend against such cyber terror threats, America needs elite cyber security professionals similar to military "Special Forces" such as the Army Special Forces 'A' Team and the Navy Seals. While the SANS Cyber Guardian program is for security professionals who are part of the armed forces, Department of Defense, or other government agencies whose role includes securing systems, reconnaissance, counterterrorism and counter hacks, you also encourage infosec professionals from all industries to apply. Can non-military or non-government employees be deployed in the cyber battle to protect the USA, our intellectual property, vital infrastructure, national secrets and finances?

Ed Skoudis: Absolutely. The solution to our cyber security woes cannot be a government-only or military-only approach. Most of the critical infrastructure of our nation is owned by and operated by independent companies, and we desperately need their support in defending their systems against attack. Having the government attempt to secure all of those systems is not only impractical and unlikely to work, it would prove to be quite invasive. Instead, people with the critical skills of hunting for bad guys and finding flaws are needed across industries including power, water, financial services, communications, and more.

Do you believe America is most vulnerable to a "death of a thousand cuts" or a full-scale "cyber-Pearl Harbor event" launched against our electric grid that could "ultimately kill people" such as was demonstrated in the classified mock cyberattack on New York City's power grid during a heat wave?

Ed Skoudis: I think we are facing the thousand cut scenario right now when it comes to our military technology as well as our economic competitive advantages -- our adversaries are stealing some very valuable secrets. A friend of mine likes to say, "What if we've been in an economic cyber war, and we already lost because we didn't realize we're fighting it?"

Certainly, a large scale event with significant damage is possible. However, right now, it's in everyone's best interest to keep things running (even the bad guys want to keep the networks and infrastructure up so that they can continue stealing us blind). In the future, however, the geopolitical landscape will change, and at some point, it may be in some country's best interest to launch an attack that brings a lot of things down. Those will be trying times, for sure.

Cyber Guardian teaches a plethora of baseline skills, including Exploiting Targets: Getting and wielding control over target systems using social engineering client-side and server-side exploits, local privilege escalation, and password attacks (guessing, cracking, sniffing, and pass-the-hash); Reverse-Engineering: Ensure operational capabilities are extremely difficult to reverse. Test capabilities for any counter-intelligence footprint that the capability might leave; Counter Intelligence: Ensure operational capabilities do not leave obvious traces as to the purpose of the operation and who is behind it. So why are there more Blue Team Cyber Guardian warriors than Red Team warriors?

Ed Skoudis: While both Red and Blue skills are important, the truth is that our country is in more desperate need for large numbers of people with Blue skills. The ability to detect an attack, track an attacker, and clean up compromised systems is crucial to clean up the mess we've found ourselves in.

The SANS Cyber Guardian information security training event in Baltimore, April 30 - May 7, 2012, is held conveniently close to the Presidential Cyber Command which was created in 2010 at Fort Meade, next to the operations center for the NSA, the nation's largest spy agency. Security pros enrolled in the course will partake in "intensive, real-world exercise on defending and attacking systems," and hands-on training for both Red and Blue Teams. Upon completion, Cyber Guardians must successfully complete four core courses and the corresponding certifications as well as the GSE (GIAC Security Expert) exam within two years of starting the program. What advice do you offer participants who might find all that testing a wee bit intimidating?

Ed Skoudis: The training is intense, and purposely so. But, these skills can be mastered. We've had great success with the program in helping people take their skills to the next level, and are looking for capable people who can meet the challenge. Through diligent study and the building of hands-on skills, people can really help make a dent in our cyber security problem. It is really an honor for me to be associated with the Cyber Guardian program as I get to help people on their path to becoming world-class cyber warriors.

Do you have what it takes to hack and help America win the cybersecurity war? The USA needs you!
