Learning to hack for all the right reasons

Stephen Beard Jul 10, 2006

KAI RYSSDAL:This fall students in Britain will start on that country’s first bachelor’s degree in hacking. Three years to learn everything they need to know about cyber-crime. How to penetrate the most sophisticated computer systems. How to create worms and viruses. In a course called Ethical Hacking. From London, Stephen Beard reports:


STEPHEN BEARD: Colleges have been teaching computer network security for years. But Colin McLean of the University of Abertay in Dundee believes the old approach misses a trick:

COLIN MCLEAN: Most network security courses will look at defensive techniques, without looking at what the criminals can do.

His new course will enable students to get into the mind of a hacker, to understand exactly how the hacker operates. The premise: it takes a thief to catch a thief.

MCLEAN: I think if you’re in charge of security in a High Street store, you’ll want to know how people are stealing from your store before you can then design the best counter measures. And essentially that’s what we’re doing.

Twenty students are expected to sign up for the course. They’ll be carefully vetted and monitored to make sure they’re not real hackers in the making. They’ll be taught on a secure, enclosed computer system that can mimic any network. They’ll first study the law and ethics of computer use and then, says Professor Lachlan McKinnon, they’ll get down to the nitty-gritty:

LACHLAN McKINNON: We’ll look specifically at the tools that are used by hackers to break into systems, so looking at scripting, holes, worms, viruses, trojan horses. . . .

And then they’ll look at the ways in which hackers cover their tracks:

McKINNON: Encryption systems, what’s called spoofing, rogue accounts, bogus accounts. And an understanding of how you can use these techniques for criminal and malicious behavior.

McKinnon says his course is urgently required. Hacking costs the US alone an estimated $40 billion a year in fraud and digital vandalism.

[SOUND: “What are you doing?” . . . “Dialing into the school’s computer.”]

Hacking was once unusual enough to be movie material. But now the techniques featured in this film, “War Games,” are commonplace:

[SOUND: “They change the passwords every week. But I know where they write it down.”]

When this film was released 20 years ago it caused a bit of stir, telling how a teenage hacker got into the Pentagon’s computer system and practically triggered a Third World War. [SOUND: Siren. Soviet Missile warning!!!]

Fantasy, of course, but only the bit about the Third World War. Just last week the British government agreed to extradite a British man who’s admitted hacking into the Pentagon’s computers. Now, no system is safe, says Professor MacKinnon:

McKINNON: I don’t wish to be a scaremonger, but to be honest, if you as an individual are connected to the Internet, the safest thing you can do is disconnect your computer.

The next safest thing for society, he says, is ethical hacking — arming people with all the skills they need to go gunning for the hackers. But surfers in this Internet cafê just outside London are uneasy about a degree course in the subject:

WOMAN: I think only people working in high levels of government should maybe be given those skills but not a general degree that you can go and get, no.

MAN: I think it sounds rather worrying, actually.

But, says the university, any degree course can be abused. Chemistry to make a bomb. Accountancy to fiddle the books. And forensic science to commit the perfect crime.

In London, this is Stephen Beard for Marketplace.

As a nonprofit news organization, our future depends on listeners like you who believe in the power of public service journalism.

Your investment in Marketplace helps us remain paywall-free and ensures everyone has access to trustworthy, unbiased news and information, regardless of their ability to pay.

Donate today — in any amount — to become a Marketplace Investor. Now more than ever, your commitment makes a difference.