[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[infowar.de] "Cyber-Soldaten"-Ausbildung in Sandia National Laboratories/Livermore
San Francisco Chronicle, Sunday, February 10, 2002, Page A-4
Battling Computer Crime
Livermore students on front lines of cyber defense
Power grids, air traffic control vulnerable to attack by terrorists
Chuck Squatriglia, Chronicle Staff Writer
Livermore -- Justin Averill can reduce your hard drive to rubble in five
minutes. Give him an afternoon and he just might bring down the
But Averill is not a hacker, cracker or terrorist. He is a cyber
soldier, one of three dozen students at Sandia National Laboratories in
Livermore who are in training to guard the nation against high-tech
Cyberterrorism is a top concern among security experts, who warn that
vast computer networks, such as power grids or air traffic control
systems, are vulnerable to attack.
So great is the threat that the Office of Homeland Security includes an
office of cyber security and infrastructure protection. President Bush's
proposed budget would increase cyber security spending from $2.7billion
to $4. 2billion.
Five of the 70 or so students at Sandia's College Cyber Defenders
Institute have landed full-time jobs there. Another is with the CIA and
still another at the FBI's National Infrastructure Protection Center.
Since 1984, some 40,000 computer viruses have been identified. One of
the most infamous, the "Love Bug," affected 15 million Americans when it
coursed through cyberspace two years ago.
Fred Cohen, Sandia's computer security guru, has seen the danger coming
for almost two decades. Three years ago, he started College Cyber
Defenders to protect Sandia's computers. The Livermore lab does
top-secret research and works with Los Alamos National Laboratory on the
nation's nuclear arsenal, making it a tempting target for hackers.
At the time, Sandia could not compete with the fat salaries being paid
to anyone skilled in infosec -- computerese for information technology
"We couldn't buy what we needed because we couldn't afford it," Cohen,
44, said. "So we decided to build the talent we needed."
Learning infosec from Cohen is like learning theology from the pope. He
created one of the first computer viruses -- a term he is generally
credited with having coined back in 1983 -- and is an expert in infosec
and tracking digital crimes.
Cohen scours the Internet for hacker programs and gives them to his
students, who figure out how they work and how to defeat them. All told,
they have tackled more than 1,200 "attack codes."
The program and its students have a good track record with the police,
although details of the cases they have helped crack are confidential.
They have helped police in upstate New York decipher encrypted images of
child abuse and aided authorities in California and elsewhere while
investigating child pornography cases.
But the program focuses on making computer networks more secure. The
students also develop firewalls to protect computer networks from
outsiders, create methods to recover damaged data and work on dozens of
other projects intended to foil hackers and clean up the messes they
make. Students spend more time in front of a monitor than a blackboard.
"It's hands-on," said Darrian Hale, a 22-year-old San Jose State
University student who joined the program two years ago. "You have the
ability to mess things up and repair it."
Many students, who earn between $12 and $20 an hour, said working at
Sandia is a unique opportunity to learn from the best while earning
invaluable professional experience.
The internship program has so impressed intelligence experts in
Washington that the CIA and National Security Council have paid visits.
Former President Bill Clinton sent a White House delegation to check
things out a few years ago.
"It wasn't that big a deal," Hale said with a shrug. "It was just
another tour coming through."
Getting into the program isn't easy. Participants, most of whom are Bay
Area college students, endure long interviews and must provide
references. A 3. 0 grade-point average is required.
Some of these kids have forgotten more about computers than most people
learn. They pepper conversations with acronyms like LAN, VPN and NAT
while discussing things like UDP packets and TCIP stacks.
And then there's the first test.
"They have to assemble two computers," Cohen says. "They have to know
everything about a computer from soup to nuts."
Although students do most of the learning, they've done some teaching as
well, Cohen said.
"We've had things where Ph.D.s have said, 'We don't think anyone can do
that,' " Cohen said, "and a student's done it in two days."
As he speaks, the students practice crashing computers. It's remarkably
easy -- most can do it with just a few lines of code -- but the students
insist they learn such skills only to protect others.
"I never had any interest in attacking anyone's computer," said Averill,
a 22-year-old student at California State University at Hayward. "But
you have to know how the beast comes at you so you can learn to protect
For online information about College Cyber Defenders, go to
E-mail Chuck Squatriglia at squatriglia -!
- sfchronicle -
Mail an infowar -
- infopeace -
de mit "unsubscribe" im Text.