Grand Canyon University Opens 'Cyber Warfare Range' On Campus
You’ve probably heard it before, but there’s a good chance you’ve been hacked — whether you know it or not.
One in three people have been hacked in the United States. Businesses small and large lose important records to cyber breaches every day. The FBI said the total amount of ransom payments to these hackers approaches $1 billion annually.
Cybersecurity professionals are at the frontlines in this fight, but there aren’t enough of them. The research firm Cybersecurity Ventures estimates there will be 3.5 million unfilled cybersecurity jobs by 2021.
Grand Canyon University looked at that gap and decided to partner with the Arizona Cyber Warfare Range to open a new range on campus. And what is a cyber warfare range stocked with but laptops, and people willing to learn.
“We were doing social engineering, which is kind of like people hacking,” said Anthony Brandt, an IT student at GCU.
Wednesday was his first day in the range at GCU, and his first time, as he put it, “people hacking.”
“You search for a person’s name based off of like an email, or their name or birthday or something,” Brandt said. “And you try to find out as much as you can about them just using like Google and Facebook. We actually found an entire guy’s family, including his parent’s phone numbers and addresses, in a matter of like 15 minutes.”
There are other GCU students too, but also folks from outside the school. Anyone can come learn these skills for free, just like they can at the range’s other location in Mesa.
These are skills like figuring out how easy it is to learn personal information about an individual. But then the question is, are they concerned they’ll train someone who goes on to do the actual hacking - instead of defending against hackers?
Brett Scott is the co-founder of Arizona Cyber Warfare Range, and his response is hackers can gain these skills for free elsewhere from other hackers.
“The difference is, if you come and learn it from us — if you want to be a bad guy or girl, and you wanna learn that from us — you have quite literally met the people that are gonna help put you in jail,” Scott said.
And volunteers in the range believe that you can’t fight hacking if you don’t know how it works.
“It’s really hard to get hands-on experience. Especially with the offensive side of things, because people are afraid. They don’t want to put, you know, a loaded gun in your hands,” said volunteer Nick Flahiff.
But, he said, that’s exactly what needs to happen. He also works as a security analyst.
“That’s the reason that people are showing up for these jobs and they’re unqualified. They’re trying to hop straight into defense and they have no idea what these attacks look like — how they’re performed, like really how an attacker is thinking,” Flahiff said.
He said a place that trains you to think like an attacker is rare. Flahiff actually learned all this at the Mesa range, and said it’s largely what got him the job he has now.
Now as a volunteer here, he does things like hack into all the laptops in the room and crack passwords, just to show everyone it’s possible.
“So this rig is able to do about 200 billion words per second. So yeah it’s able to crack passwords basically in minutes,” Flahiff said, talking about a piece of hardware in the range.
It’s a safe space for those learning to give it a go. Then they can move on to jobs where they’ll really know what they’re up against — and be able to stop it.
The rest is up to the user.