Cybersecurity Curriculum Guidelines, UC Cyber Attack, Password Cracking, and CISA Opportunities

Topics Covered

  • Guest Speaker: Dr. Melissa Dark
  • Cyber Bytes: UC Cyber Attack
  • Technology Corner: Password Cracking
  • Cyber Opportunities: CISA Opportunities

Aired: May 11, 2021

About this Show

Guest Speaker:

Dr. Melissa Dark

Dr. Melissa Dark is the founder of DARK enterprises, Inc. DARK Enterprises Inc., is a non-profit dedicated to developing, supporting, and stewarding excellent cybersecurity education at the secondary level. Their expertise is in Design, Analytics, Research and Knowledge-transfer.

Dr. Melissa Dark is also a part of the NCMF High School Cybersecurity Curriculum Guidelines (CCG). The CCG was made to encourage curriculum providers, teachers, and industry to create curriculum designed to inspire high school students to pursue a profession in cybersecurity, as well as develop thinkers with a cybersecurity mindset that will enhance any profession they pursue.

You can read more about the CCG here! There is also a video that explains the guidelines.

In her spare time, Melissa enjoys hiking, yoga, home improvement projects, travel and dogs.

You can read more about Dr. Melissa here and here!

Dr. Melissa Dark

Cyber Bytes: UC Cyber Attack

The University of California is a system of public research universities famously known for their world-class facilities and their strong and diverse programs. Therefore, it’s no surprise that their desirability amongst prospective students is also showing amongst cyber criminals. The University of California Office of the President (UCOP) announced on March 31st that UC was part of a nation-wide cybersecurity attack due to hackers gaining access to “files and confidential personal information by exploiting a vulnerability” in their file transfer appliance, Accellion, a file sharing company based in California used over 3,000 organizations.

This data breach includes stolen personal information such as names, addresses, phone numbers, birth dates, social security numbers, bank account information, and more. Students, faculty, and others part of the UC community were sent threatening and blunt emails with statements such as: “The company has been hacked, data has been stolen and will soon be released”. Since then, UC has reported the incident to federal law enforcement and are beginning an investigation on this situation. While it is still unclear about the extent of this attack, UC has sent out suggestions for the people who may have been targeted, including taking identity theft measures, placing fraud alerts, and placing a security freeze on credit reports.

Through this event, it’s important to also remind ourselves about phishing emails and the common social engineering tactics that cyber criminals use to gain our personal information. Hackers will use threatening and demanding verbiage to scare people into thinking irrationally, as shown through this situation. It’s easy to think that you know better than to fall for a scam email, but frauds are getting more complex than just telling you that you’ve won a $100,000 cruise. The best way to stay cyber safe is to stay vigilant!

Cyber Attack

Here are some useful resources for more information about the attack:

Technology Corner – Introduction to Password Cracking

Hey gamers welcome back to the technology segment. So in order to get started with password cracking you need two things which are vmware and kali linux. Here is a tutorial on how to download them!

So password cracking is important in that it can be very useful in conducting digital forensic investigation, so although it is used to commit crimes it can also be used to solve crimes as well. In this technology segment I will be teaching you to crack simple hashes using hashcat!

Hashcat is a must-have tool for penetration testers and is a popular and effective password cracker widely used by bothe penetration testers and sysadmins as well as criminals and spies. Hashcat comes pre-installed with kali but, here is an installation guide if you do not have kali (you should get kali though!).

That is pretty much it for this blog post but, I go over lots of vocab words and tutorials on how to use hashcat here on the slides so please refer to that if you are stuck! Thank you.

Cyber Opportunities: CISA and Troy High Summer Camps

CISA also known as Cybersecurity and Infrastructure Security Agency is offering internships for high school to graduate level students.

  • High school students/general education diploma you qualify for the GS 1-2 IT Management position.
  • 1 to 2 full academic years of post- high school student/associate degree you qualify for the GS 3-4 Student Trainee.
  • Master degree or equivalent degree people qualify for the GS 5-7 student Trainee or IT Management position.

To sign up, you have to turn in an application form and then you will get further instructions in an email. For more information go on their website here.

Troy High School Summer camps 

Another opportunity for this summer especially is Troy High school’s Summer Camps. This camp is offered nationwide. There are 5 different camps depending upon your level. Elementary camp for kindergartners to third graders which is June 17th and June 24th 

  • Elementary camp for fourth graders to fifth graders which is from June 15 to June 16th and from June 22nd to June 23rd. 
  • Beginner camp from June 14th to June 18th and from 21st to the 25th of June as well. T
  • Intermediate camp which is from June 14th to the 18th and then 21st to the 25th of June. 
  • Advanced camp which is from June 7th to 11th.

You do not need any prior experience to attend the camp. To sign up or find more information, go on this website here.

CISA Logo