NSA Teams Up With Colleges to Train Students for Secret Cyber-Ops Jobs
http://www.wired.com/threatlevel/2012/05/nsa-college-students/
By Kim Zetter
The National Security Agency is partnering with select universities to train
students in cyber operations for intelligence, military and law enforcement
jobs, work that will remain secret to all but a select group of students and
faculty who pass clearance requirements, according to Reuters.
The cyber-operations curriculum is part of the Obama administration's
national initiative to improve cybersecurity through education, and is
designed to prepare students for jobs with the U.S. Cyber Command, the NSA's
signals intelligence operations, the Federal Bureau of Investigation and
other law enforcement agencies that investigate cyber crimes.
The U.S. Cyber Command's job is, in part, to support the military in
offensive cyber operations against enemy networks, suggesting the students
would be trained in the methods of hackers.
"We're trying to create more of these, and yes they have to know some of the
things that hackers know, they have to know a lot of other things too, which
is why you really want a good university to create these people for you,"
Neal Ziring, technical director at the NSA's Information Assurance
Directorate, told Reuters.
But another NSA official was quick to add that the NSA wasn't looking to
teach students illegal hacking techniques.
"We are not asking them to teach kids how to break into systems, we're not
asking them to teach that. And a lot of them have said they wouldn't teach
that," said Steven LaFountain, a senior NSA official who guides academic
programs told Reuters. "We're just asking them to teach the hardcore
fundamental science that we need students to have when they come to work
here."
Although 20 universities applied to participate in the program, only four
were selected so far: Dakota State University, Naval Postgraduate School,
Northeastern University and University of Tulsa.
Schools applying for the program had to meet 10 criteria, among them was a
requirement that they teach courses in reverse engineering.
Once the students have the basic knowledge needed, they will be eligible to
receive training to work in classified jobs with the NSA.
"In our operational developmental organization, we would spend up to 12
months to give them the secret sauce, the tradecraft, the really deep
technical training so that they could make themselves useful in doing what
we need them to do, and that's with that technical underpinning," Captain
Jill Newton, who leads NSA's cyber training and education programs, told
Reuters.
==========================================
Exclusive: Spy agency seeks cyber-ops curriculum
http://www.reuters.com/article/2012/05/22/us-usa-intelligence-education-idUS
BRE84L12T20120522?feedType=RSS&feedName=domesticNews
By Tabassum Zakaria
FORT MEADE, Maryland | Tue May 22, 2012 4:42pm EDT
(Reuters) - The National Security Agency is trying to expand U.S. cyber
expertise needed for secret intelligence operations against adversaries on
computer networks through a new cyber-ops program at selected universities.
The cyber-ops curriculum is geared to providing the basic education for jobs
in intelligence, military and law enforcement that are so secret they will
only be revealed to some students and faculty, who need to pass security
clearance requirements, during special summer seminars offered by NSA.
It is not easy to find the right people for cyber operations because the
slice of the hacker community that would make a quality cyber operator
inside the government is only a sliver.
The "quality cyber operators" the NSA is looking for are few and far
between, says Neal Ziring, technical director at the agency's Information
Assurance Directorate.
"We're trying to create more of these, and yes they have to know some of the
things that hackers know, they have to know a lot of other things too, which
is why you really want a good university to create these people for you,"
Ziring told Reuters in an interview at NSA's headquarters in Maryland.
NSA has two main missions: to protect U.S. government computer networks and
to collect foreign intelligence through electronic means like satellites and
decode it.
Of 20 universities that applied, only four received this week the new
designation of Centers of Academic Excellence in Cyber Operations: Dakota
State University, Naval Postgraduate School, Northeastern University and
University of Tulsa.
Out of 10 requirements, the two most lacking at many schools were courses on
"reverse engineering" - or how to gain knowledge of a technology or product
to reproduce it - and cellular communications and mobile technologies, NSA
officials said.
"We found a lot of schools weren't emerging with the technology, weren't
keeping up," said Captain Jill Newton, who leads NSA's cyber training and
education programs.
INNER WORKINGS
NSA officials say the program, which is part of President Barack Obama's
national initiative to improve cybersecurity through education, aims to
prepare students for careers at the U.S. Cyber Command, the NSA's signals
intelligence operations and law enforcement agencies investigating cyber
crimes.
U.S. officials from the Obama administration and Congress have been banging
the drums loudly about the need for greater cybersecurity, accusing China
and Russia of hacking U.S. systems for economic gain.
"Right now you hear a lot of talk about foreign countries, China in
particular, coming into our networks. They get in, they look around, they
see what they might want, they send it home, and you don't know what else
they've left behind," Dickie George, a former NSA official, said. "Why
wouldn't we want to do the same thing? It's not a one-way game."
Many universities are now focused on web technologies such as how to write
applications for the iPhone, which is not what is required for cyber
operations to collect intelligence or defend the government's systems, NSA
officials said.
That requires knowing "the guts, the internals of the operating systems,
having to understand how the hardware actually works," said Steven
LaFountain, a senior NSA official who guides academic programs.
Newton said a cyber operation might involve altering computer systems to
work to one's advantage and doing that "without being seen or without it
being obvious that I was changing the inner workings of the operating
system."
"It could be very useful for a defender, so as you see your stuff being
adjusted, corrupted, exploited, messed with, and being able to recognize
when that is happening to you, to be able to better defend against it," she
said.
About 15 years ago, there was a mindset that the computer system being
compromised happened rarely and if the security was hardened that would be
sufficient to secure it, but the security environment has changed, said
Ziring, a computer scientist and the first non-mathematician in his position
at NSA.
"What we've realized these days is that's hokum, that doesn't work any more,
that systems are under attack constantly," Ziring said.
"For many systems, especially those that for mission reasons have to work in
a very exposed space, being under some degree of compromise is sort of their
new normal state."
That requires actively defending the systems by blocking and mitigating
known problems and hunting for the unknown by looking for anomalies, Ziring
said.
ETHICAL ISSUES
One mandatory requirement in the curriculum is covering legal and ethical
issues so students understand the limits.
"We still found a lot of schools are still a little reluctant on how they
characterize what they are teaching," LaFountain said.
"We are not asking them to teach kids how to break into systems, we're not
asking them to teach that. And a lot of them have said they wouldn't teach
that," he said. "We're just asking them to teach the hardcore fundamental
science that we need students to have when they come to work here."
While the open education provides the basic knowledge, it is not until they
arrive at the NSA that newly hired cyber operators get trained in their
secret jobs.
"In our operational developmental organization, we would spend up to 12
months to give them the secret sauce, the tradecraft, the really deep
technical training so that they could make themselves useful in doing what
we need them to do, and that's with that technical underpinning," Newton
said.
Ziring said it was important to figure out the next step in threat evolution
so the technologies can be built to address it.
"The threat actor's action cycle is speeding up and getting shorter. The
defender's cycle has to get shorter. So what technologies can we build that
will help that?"
(Editing by Anthony Boadle)
==========================================
(F)AIR USE NOTICE: All original content and/or articles and graphics in this
message are copyrighted, unless specifically noted otherwise. All rights to
these copyrighted items are reserved. Articles and graphics have been placed
within for educational and discussion purposes only, in compliance with
"Fair Use" criteria established in Section 107 of the Copyright Act of 1976.
The principle of "Fair Use" was established as law by Section 107 of The
Copyright Act of 1976. "Fair Use" legally eliminates the need to obtain
permission or pay royalties for the use of previously copyrighted materials
if the purposes of display include "criticism, comment, news reporting,
teaching, scholarship, and research." Section 107 establishes four criteria
for determining whether the use of a work in any particular case qualifies
as a "fair use". A work used does not necessarily have to satisfy all four
criteria to qualify as an instance of "fair use". Rather, "fair use" is
determined by the overall extent to which the cited work does or does not
substantially satisfy the criteria in their totality. If you wish to use
copyrighted material for purposes of your own that go beyond 'fair use,' you
must obtain permission from the copyright owner. For more information go to:
http://www.law.cornell.edu/uscode/17/107.shtml
THIS DOCUMENT MAY CONTAIN COPYRIGHTED MATERIAL. COPYING AND DISSEMINATION IS
PROHIBITED WITHOUT PERMISSION OF THE COPYRIGHT OWNERS.
--
Thanks for being part of "PoliticalForum" at Google Groups.
For options & help see http://groups.google.com/group/PoliticalForum
* Visit our other community at http://www.PoliticalForum.com/
* It's active and moderated. Register and vote in our polls.
* Read the latest breaking news, and more.
No comments:
Post a Comment