25 August 2017

H4CK3R H3RO3Z: A Young Brigade of Cyber Talent

Synack

By Synack Community Outreach Squad:
Ellie McCardwell and Jenn Yonemitsu

We partnered with the US Army at r00tz Village at DEF CON this summer to put on a workshop for kids. The kids who participated met white hat hackers from Army and Synack and learned about their start as hackers, new hacking techniques, and advice on how to become hacker heroes.

Our mission: Plug the cyber talent gap before it reaches 3.5M in 20211.

Our goal: Teach kids how to use white-hat hacking skills to keep US networks safe from adversaries.

Our approach: Give kids a taste of offensive cyber operations through hands-on workshops and facilitate them meeting real hacker heroes in the field.

1. Research by Cybersecurity Ventures

The number of attacks waged by bad guys around the world is increasing in size and scale. In our workshop, kids learned how hackers today are applying their “superhero powers” to help our country strengthen its security defenses and keep the adversaries away. We hope that by learning new skills in our hands-on workshop and hearing about our Hack the Pentagon program, we inspired kids to think about future careers in cybersecurity.

“The kids we worked with at r00tz are precisely the kind of talent that the Army and country need to face the cyber-security, engineering, and scientific challenges posed by an increasingly complex threat environment. By working with private sector partners like Synack, the Army is encouraging this future pool of talent to apply their unique skills to public service and our national defense.”

-Daniel Lim

The Army + Synack workshop, How to Hack the Pentagon: Super Power for Good Against Evil, was conducted by Daniel Lim, First Lieutenant, US Army Cyber Command, Unit 780 MI BDE and Synack’s R&D experts Patrick Wardle, Synack’s Chief Security Researcher, Mikhail Sosonkin, Synack’s Director of Research & Development, and David Weinman.

Our participants used actual penetration testing tools to hack a real computer system, going through the steps of footprinting/scanning, enumeration and attack. The kids who joined us gained hands-on experience with penetration testing tools and methodology, and got a taste of what hacking is all about.


 

“I think it’s great that we are investing in educating kids about hacking. Hacking is about a mental approach to playing with technology. Even if these kids don’t become computer hackers, the approach will change their life and hopefully help to change society for the better!”

-Mikhail Sosonkin

 

We interviewed 5 rising stars who participated in our workshop. Read on to get to know the new members of Synack’s H4CK3R H3RO3Z brigade. Cesar, Cole, Daniel, Joey, Rika – best of luck in your future hacking!

Cesar, “Revy”

Age:  10

Favorite Target to Hack: Video games, mods, any gaming software & electronics/hardware

How did you get interested in hacking and security? My step dad works in security and introduced me to it. I like watching Youtube videos on the games and mods. It gets me wondering what else can I do.

What do you like about the r00tz workshops? All the hands-on experience. It was super cool.

Favorite Electronic Device: XBox, followed by my iPad

What do you want to be when you grow up? A professional gamer

Why did you come to r00tz this year? My mom and stepdad attend DEF CON.

Cole

Age:  13

Favorite Target to Hack: PCs

How did you get interested in hacking and security? My father works in cybersecurity, and I sort of just followed on the idea that our modern society is built on the backs of computers.

What do you like about the r00tz workshops? I liked the combination of hands-on activities and talks. My favorite talk and activity was “How to Hack the Pentagon”.

Favorite Electronic Device: Gaming PC

What do you want to be when you grow up? I want to enlist in the Navy.

Why did you come to r00tz this year? My dad was going to Defcon and he asked me if I wanted to come and do r00tz.

Daniel

Age: 14

Favorite Hack: Cell phones / WiFi

How did you get interested in hacking and security? My Dad and Grandpa are both in technology jobs, and my Grandpa specifically did a bit of penetration testing. This just whet my interest on security when I was younger, and made me want to become a penetration tester.

What do you like about the r00tz workshops? The workshops are geared to kids (obviously) but they don’t try to over-simplify and cover things like using a browser or using a text editor. r00tz this year had useful information especially from the Synack/US Army and Logitech demonstrations.

Favorite Electronic/Digital Device: My gaming desktop PC that I built.

What do you want to be when you grow up? Possibly a penetration tester. Hopefully owning a tech business that provides penetration testing/security services!

Why did you come to r00tz this year? We were going to DEFCON and thought r00tz might be good to check out since it was geared toward the younger audience.

Are there any other hacking activities that you like? CTFs and lockpicking

Joey

Age:​ 13​

Favorite Hack:​ The Synack simulation this year​ at r00tz.

How did you get interested in hacking and security?By going to r00tz each year​.

What do you like about the r00tz workshops?​ You can really learn a lot from them. ​I liked the Synack workshop this year because it was the closest to real hacking I’ve ever come​.

Favorite Electronic Device:​ iPhone 5s

What do you want to be when you grow up?​ Hack for the military (Red Team)​

Why did you come to r00tz this year?​ Because it’s very fun and it’s become kind of a tradition with my dad​.

Are there any other hacking activities that you like? Cryptography​

Rika

Age:15

Favorite Hack:Eternal Blue (the hack we went through at the Army+Synack workshop this year).

How did you get interested in hacking and security? ​Through my dad.

What do you like about the r00tz workshops?​ Involvement

Favorite Electronic Device:My laptop

What do you want to be when you grow up?​ A computer engineer

Why did you come to r00tz this year?​ To learn more about hacking.

Are there any other hacking activities that you like? Defcon and the Social Engineering Village

Thank You!

Big shout-out to our blog contributors, all of our participants, US Army and First Lieutenant Daniel Lim as well as to the r00tz organizers for putting on such a wonderful event and for inviting us to participate!

“​I liked the Synack workshop this year because it was the closest to real hacking I’ve ever come​.”

“Thanks for putting on such a fantastic workshop. Every other year, it feels like we’ve seen a piece of the hacking puzzle – crypto, CTF, and so on – but your session put it all together and felt like real hacking. Well done!”