Technology

We need to smash the stereotype that hackers are all teens in hoodies

The typical image of a hacker is wrong, writes WithSecure’s Tom Van de Wiele. This is an issue because many businesses could benefit from skilled, ethical hackers.

Pop culture has long been fabricating the image of a hacker in the minds of the masses.

According to popular movies such as The Girl with The Dragon Tattoo and The Matrix, hackers are usually teenagers wearing black hoodies, listening to techno music, and sitting in a dark room surrounded by screens flashing code. They are usually shown to be hacking high-level organisations like the FBI or CIA, which they seem to do in a matter of minutes.

Considering how movies portray hackers, it comes as no surprise that the word ‘hacker’ has been coined as a negative term.

However, what is more concerning is that businesses have bought into this stereotype without considering the full spectrum of what being a hacker means. Most businesses do not want to associate with the term as they perceive hackers to be an illicit group which will only tarnish an organisation.

Hacking, in reality, is a skill which takes practice and education to master. Like most skills, hacking can be used for good or evil. Just like being a locksmith, it depends on your knowledge of the law and your moral compass on knowing when and how to use your skills and not endangering others.

Unfortunately, someone who knows a lot about computers and networks and is able to channel their knowledge and experience for whatever purpose in a moral and ethical way is still portrayed as a caricature, because how else can one visualise the difference between an average and expert computer user.

After being a hacker for about 20 years, these stereotypes are slowly disappearing, but they are still present for media productions. The perception perpetuated by pop media is not only misleading to security professionals, but also to businesses that could benefit from the expertise of a hacker.

Who is a hacker?

Hacking requires knowledge and experience as well as preparation – whether it be criminal or ethical. Hacking as a skill is much more than buying a technical gimmick or a ‘hacking tool’ or being a technical expert or even being able to code. It takes a person to have a ‘hacker mindset’, which means being inquisitive, passionate and having a borderline obsessive interest in how things work.

The crux of what we do is to know the ins and outs of a system. Knowing where and how things are bolted together in a system lets us see where the obvious cracks are. While some individuals choose to use this knowledge to protect the system, some choose to profit from it by attacking.

Criminal hackers, or ‘threat actors’, are usually misportrayed as loners who are sitting in a basement carrying out criminal activities. What most people often don’t realise is that these hackers are usually employees much like us, with managers and budgets. They work as a team to initiate campaigns, research potential targets and plan different kinds of attacks.

In the cybersecurity industry, we have seen attack methods improve drastically while becoming more affordable. This is largely due to the fact that attackers do not usually practice specific skills in isolation, they instead work as a community. This means that they share and steal resources from each other, perfecting their skills and exploring different ways to utilise vulnerabilities.

What does the job of an ethical hacker entail?

One of the core responsibilities of an ethical hacker is to conduct threat modelling on a frequent basis.

This means analysing the systems and applications of a business to identify any structural vulnerabilities that can create a potential threat. They will also be able to map out a potential attack surface and identify how well the digital infrastructure is prepared to handle inevitable attacks, without disrupting the real-life IT environment.

This role involves a lot of analytical aspects, as it is their core responsibility to understand how efficient and controlled a firm’s defence is compared to their competitors.

Furthermore, ethical hackers engage in the interplay between threat modelling and editing to understand what an attacker might do based on the perceived attack surface – ie what can be attacked that could yield something interesting or valuable. This all contributes to preparing the organisation’s defences accordingly.

How can an ethical hacker add value to an organisation?

Criminal gangs have countless attacks in the industry every day, which has secured a permanent space for them in the limelight. Therefore, an employed ethical hacker will try to identify and understand the vulnerabilities in a system, using their skills to protect your organisation rather than destroy it.

Ethical hackers tend to walk the line between both the ethical and non-ethical worlds. They know the law and therefore understand what is acceptable and unacceptable. Ethical hackers understand how and what criminal gangs think, which is one of the most useful skills for any business to have.

Employing a skilled ethical hacker on the security team will put your firm in a better position to not only predict potential threats, but also align your defences accordingly. The primary aim of any ethical hacker would be to keep your business a step ahead before an online incident takes place.

The idea behind it is that if a criminal gang assesses your infrastructure and deems it too robust, meaning they would need more resources to carry out a breach, they are likely skip you. It is impossible to make an impenetrable system, however ethical hackers identify where the cracks in the system are and cease potential opportunities for attacks, thus reducing the possibility of a transgression. This is the true value of having a hacker on your side.

To sum it up, ethical hackers have an intense job that requires us to work with a team carrying out creative solutions to combat creative threat attacks.

There is still a lot of work that needs to go into getting rid of these previously imposed perceptions of what a hacker is. An ethical hacker has the power to make a difference in the security structure of an organisation and to protect the business and even the society at large.

Now is the right time to break the stereotypes and rise above them.

By Tom Van de Wiele

Tom Van de Wiele is principal threats and technology researcher at cybersecurity company WithSecure. He has an extensive background in offensive security, and is responsible for performing and validating threat research while exploring potential protection capabilities as part of current and new technology, privacy and other cybersecurity-related areas.

Source link

Current

Chemistry Problems & Quantum Computing

The researchers compared the results of a conventional and quantum computer to minimise error calculations, which could eventually be scaled up to solve more complicated problems.

Scientists in Sweden have successfully managed to use a quantum computer to solve simple chemistry problems, as a proof-of-concept for more advanced calculations.

Currently, conventional supercomputers are used in quantum chemistry to help scientists learn more about chemical reactions, which materials can be developed and the characteristics they have.

But these conventional computers have a limit to the calculations they can handle. It is believed quantum computers will eventually be able to handle extremely complicated simulations, which could lead to new pharmaceutical discoveries or the creation of new materials.

However, these quantum machines are so sensitive that their calculations suffer from errors. Imperfect control signals, interference from the environment and unwanted interactions between quantum bits – qubits – can lead to “noise” that disrupts calculations.

The risk of errors grows as more qubits are added to a quantum computer, which complicates attempts to create more powerful machines or solve more complicated problems.

Comparing conventional and quantum results

In the new study by Chalmers University, scientists aimed to resolve this noise issue through a method called reference-state error mitigation.

This method involves finding a “reference state” by describing and solving the same problem on both a conventional and a quantum computer.

The reference state is a simpler description of a molecule that can be solved by a normal computer. By comparing the results from both computers, the scientists were able to estimate the scale of error the quantum computer had in its calculation.

The difference between the two computers’ results for the simpler reference problem was then applied to correct the quantum computer’s solution for the original, more complex problem.

This method allowed the scientists to calculate the intrinsic energy of small example molecules such as hydrogen on the university’s quantum computer.

Associate professor Martin Rahm – who led the study – believes the result is an important step forward that can be used to improve future quantum-chemical calculations.

“We see good possibilities for further development of the method to allow calculations of larger and more complex molecules, when the next generation of quantum computers are ready,” Rahm said.

Research is happening around the world to fix the problems limiting the development of more advanced quantum computers.

Earlier this month, Tyndall’s Prof Peter O’Brien told about his group’s work in addressing a key challenge in quantum technology and how quantum communications will make eavesdropping ‘impossible’.

Current

12 Outstanding Tech Resources To Improve Your Skills

If you want to improve your tech skills and don’t know where to start, this list introduces you to some of the resources out there.

If you’re familiar with our advice pieces, you’ll know that we regularly mention various resources you can use to upskill in tech.

We’ve steered readers towards courses from the likes of Udemy, Udacity and Coursera for learning tech concepts from machine learning to data literacy skills. And we’ve pointed out Python meet-ups run by Python Ireland among others.

But what if you’re not sure what these platforms are? Or you aren’t sure which one is the best one for you and your learning style? Maybe you like the idea of Python Ireland and you want to find other similar groups.

Here is an introduction to some of the best resources out to hone your tech skills.

Coursera

Founded by two Stanford University computer scientists, Coursera is a global online learning platform for techies of all stripes.

It has partnerships with major companies like IBM and Google, as well as with universities such as Stanford and Imperial College London.

If you need a bit of guidance, scroll to the bottom section of the Coursera homepage and you’ll find articles that provide advice on how you can achieve a career in areas such as data analytics using the site.

In terms of courses, it provides everything from short certificates to longer postgraduate degree programmes.

Codeacademy

This one is for anyone who wants to brush up on their coding skills; the clue is in the name. Codeacademy offers free short courses in a variety of languages such as Python, C++, C, C+, Bash, Go, HTML, R, SQL and Ruby.

Codeacademy is particularly useful for people who like interactive learning, as it has links to cheatsheets, projects, video and coding challenges under Resources at the bottom of its homepage.

It has a pretty active online community, too.

edX

This Coursera rival – its founders are MIT and Harvard scientists – carries thousands of courses. Like Coursera, many are university-level, with edX making use of its partnerships with the likes of Boston University, University of Cambridge and Google.

Scroll to the bottom of the homepage and you’ll find boot camp courses in topics such as fintech and cybersecurity, as well as longer courses.

Data Camp

Like Codeacademy, Data Camp is quite hands-on and has a lot of short, free courses. It’s best for people who are interested in data science and related technologies.

You can select a specific skill you want to brush up on (like data literacy, NLP, machine learning) or you can explore different career paths such as data scientist, data analyst and statistician.

If you just want to get to grips with a particular tech tool (ChatGPT, Tableau) you can do that too.

Irish meet-up groups

Going along to events run by Irish tech community groups can be a fun way to keep on top of new tech trends and meet like-minded people.

You can find lots of different events on Meetup no matter what you’re interested in. Dublin Linux Community meets monthly, as does Python Ireland and Kubernetes Dublin.

If you want something more casual, there is a coffee chat for indie hackers in Dublin in early June. And it isn’t just the in capital: there are online events and conferences, as well as things going on in Cork, Galway and Belfast.

Khan Academy

Khan Academy is another one to consider if you want to do an online tech course, even though it’s not as well known as some of the other names on this list.

Its short video lessons are good for beginners and it provides lessons and learning paths for children, too.

It is a non-profit organisation and it aims to educate people all over the world for free.

LinkedIn Learning

The educational offshoot of LinkedIn has business and tech courses galore for anyone who wants to perfect certain skills.

If you already have LinkedIn, LinkedIn Learning is a good bet as you can add your certificates of completion to your profile.

It’s not free, however, but it does offer a one-month free trial.

Pluralsight

Software educational platform Pluralsight provides learning plans for teams as well as individuals. It’s quite skills focused, perhaps more so than some of the other resources that include non-tech courses on their sites.

You can pick up new skills like cloud tech, programming and test your progress using specially designed exercises.

Skillshare

Best for creative techies, Skillshare carries courses in things such as graphic design and photography – but many of these areas are arguably tech focused.

If you’re interested in things like UX and UI design or how tech tools can be used for creative purposes, you may find a short course that takes your fancy.

It’s got a lot of creatives on its books that are willing to, yes, share their skills.

Digital Skillnet

An Irish resource for all things technological, Digital Skillnet is a great site to keep in mind for future educational and upskilling opportunities.

If you prefer the familiarity of an Irish-run organisation, it has plenty of information about the types of careers you can break into.

Whether you’re an employer looking to find resources and courses for employees, or an individual looking to reskill, upskill or find a tech job, Digital Skillnet should definitely be one of your first ports of call.

Udacity

Udacity is pretty good for anyone who wants to try out a tech course as it has a lot of short and beginner courses as well as longer ones.

It also has an AI chatbot running in beta which offers to assist you when you visit its website.

You can pick from courses on topics such as programming and development, AI, data science, business intelligence and cloud computing.

Scroll to the bottom of the homepage for in-depth career-related resources.

Udemy

One for bargain hunters, Udemy constantly runs sales on its courses. It has hundreds of thousands of courses, too, so you won’t have difficulty finding something.

It’s good for beginners as many of the courses are short and delivered through video. What’s cool about Udemy is there is so much on the site that you can quite easily find courses on a certain topic from beginner right through to specialist level.

Culture

How News Helicopters Ushered A Fresh Television Genre In Los Angeles

By Darren Wilson

Fifteen minutes of fame was not enough for Johnny Anchondo. Local television devoted some 100 minutes of live coverage to this repeat offender, following one of the wildest chases Los Angeles has seen in recent years. In that time, the 33-year-old criminal ran a stop sign and caused an immense mobilization of the police as he stole two pickup trucks, rammed into dozens of vehicles at high speed and escaped from at least 15 patrol cars that were hot on his trail for some 12 miles. All of this was recorded by the all-seeing eye in the sky, news helicopters.

“Chases are the best. They are dynamic, they move fast. Things can change in an instant. Sometimes they seem endless from up there,” says Stu Mundel, one of the journalists who have been following events on the city streets from a helicopter for decades. “And I say this from the bottom of my heart, it’s genuine, but I always wish things would end well,” he adds.

In Los Angeles, chases are now a television genre in their own right. Journalists like Mundel fly for hours over a gigantic urban sprawl of 88 cities with 11 million people. From way up high, they report on traffic, crashes, shootings and fires in the metropolitan area. But few events arouse the audience’s interest as much as the chases through the city’s vast thoroughfares. The police chase starring Anchondo attests to that fact; the video has over 28 million views on YouTube.

The genre was born in this city. The idea came to John Silva, an engineer for a local television station, while he was driving his car on a freeway near Hollywood. “How can we beat the competition?” he wondered. The answer came to him behind the wheel. “If we could build a mobile news unit in a helicopter, we could beat them in arriving to the scene, avoiding traffic and getting all the stories before the competition,” Silva told the Television Academy in a 2002 interview.

In July 1958, a Bell 47G-2 helicopter made the first test trip for the KTLA network, becoming the first of its kind anywhere in the world. By September of that year, Silva’s creation, known as the Telecopter, already had a special segment on the channel’s news program. Before long, every major television network had one. Silva died in 2012, but his invention transformed television forever.

The chase genre’s crowning moment came in June 1994, when the Los Angeles police chase of a white Ford Bronco was broadcast live on television. In the back of the vehicle was O.J. Simpson, the former football star, whom the authorities had named the prime suspect in the murder of his ex-wife and her friend. Bob Tur (now known as Zoey Tur after a sex change operation), the pilot of a CBS helicopter, located the van on the 405 freeway being followed by dozens of patrol cars. Within minutes, there were so many helicopters following the convoy that Tur found the scene worthy of Apocalypse Now. The audience was such that TV stations interrupted the broadcast of Game 5 of the NBA Finals to follow the chase, which lasted two hours.

Motorists wave to ex-football star O.J. Simpson as he flees from the police in the back of a white Ford Bronco pickup truck driven by Al Cowlings in Los Angeles, California, in June 1994.

“It’s a very interesting thing. It may sound morbid, but it’s not. People follow [police chases] because they are like a movie, we want to know how it will end and how the story unfolds: will good triumph over evil? Or will this person manage to escape? We journalists are objective, but the adrenaline and excitement is genuine,” says Mundel. In his years of experience, he has seen how technology has evolved. In the 1990s, people used a paper map as a guide. Today, viewers can see a map superimposed on the images Mundel captures with his camera.

Four out of 10 chases are initiated after a vehicle is stolen. The second most common reason for them are hit-and-runs by drivers who are drunk or under the influence of drugs. According to the Los Angeles Police Department, most fugitives are hiding a more serious crime: homicide, rape or violent robbery. In 1998, only four out of the 350-plus drivers arrested after a chase were let off with only a traffic ticket; five hundred chases were recorded that year.

A growing phenomenon

In 2022, 971 chases were recorded. On average, chases last about 5.34 minutes and cover about five miles, although the vast majority (72%) end within five minutes and do not travel more than two miles. 35% of documented chases ended in crashes with injuries or fatalities in 2022. That figure represents a slight decrease from 990 in 2021. In 2019, there were fewer: 651 chases and 260 crashes.

A few decades ago, authorities tried to reassure Angelenos by claiming that a person had a one in four million chance of accidentally being killed in a police chase of a criminal. “There’s a better chance of being struck by lightning,” the police department estimated. But things have changed. An official report presented in April indicates that, over the past five years, 25% of chases have left people dead or injured. That almost always includes the suspect, but the number of innocent people who have been hurt has also increased.

News Helicopters Ushered A Fresh Television Genre In Los Angeles

Although there is plenty of material on the street, uncertain times for local journalism have limited coverage. Univision and Telemundo have dispensed with their helicopters in Los Angeles. Fox and CBS have joined forces and are using one aircraft instead of two. For the time being, KTLA, which invented the genre, remains committed to having a helicopter in the air.

The days may be numbered for these televised events. Some metro police departments have asked their officers to stop chasing criminals at high speed for the safety of the public. Instead, they have employed technology with high-definition cameras and drones to chase criminals, as has happened in cities like Dallas, Philadelphia and Phoenix.

The Los Angeles police have said that they are studying the implementation of the Star Chase system in some of their vehicles. Star Chase features a launcher that triggers a GPS transmitter, tagging a fleeing vehicle and allowing the authorities to track the position of the person who has escaped in real time. Another measure under consideration is the use of an industrial-strength nylon net that traps the rear axle of the fleeing car. All of this could yield dramatic footage for the eye in the sky.

Thank You For Your Support!

— By Darren Wilson, Team ‘THE VOICE OF EU‘

— For more information & news submissions: info@VoiceOfEU.com

— Anonymous news submissions: press@VoiceOfEU.com