The 0’s and 1’s of what we really do as a club. . .

To get a better understanding of what we do as a club, it is worthwhile to preface that information with some relative staging. When you hear the term “hacker,” what comes to mind? A genius teenager, shrouded in the darkest corner of their parent’s basement, wearing a Pokémon hoodie pulled over their head, sitting alone, furiously clicking away on a keyboard, interpreting numerous lines of code in the Matrix, as they try to break into a CIA mainframe? For many, this is their associated understanding, however it could not be further from the truth and only represents a very small percentage of the collective whole. It is just a popularized stereotype brought about by things such as the portrayal in the movie “Hackers,” the notoriety of “Anonymous,” and sensationalism from the media. The reality is, “hackers” come in all different shapes, sizes, colors, makes, and models, and from every corner of the globe.

The term hacker has a dualistic definition. On the one hand, it can be a person that uses their programming and cyber technology skills to exploit a vulnerability in security to gain access to systems, individuals, corporations, governments, networks, and other entities, to perform illegal acts such as stealing information, denying access, causing delays, destroying information, and manipulating information with malicious intent. The other is a person who enjoys exploring the internal details of programmable cyber systems and technologies to grow their expertise and knowledge in the subject matter (see also, computer nerd). Due to the dysphemistic nature of the word “hack,” many are unaware of the two meanings, and the confusion is understandable.

It is worthy to note, the term “hacking” and “hacker” are in a semantical contest with “cracking” and “cracker,” but for the purpose of simplicity, we will use the popularized descriptivist approach, and leave the argument between the historical purists and linguistic progressives to battle it out in a game of pong over the nomenclature.

In the cyber world, these two core classifications of hacking are often referred to as “black hat hacking” and “white hat hacking.” There are numerous other classifications, but to keep things basic, we will just be discussing these two. Feel free to dig deeper. Black hat being the Wicked Witch of the West and white hat being Dorothy. Simply put, black hat hackers use their skills for bad, while white hat hackers use their skills for good, and the majority of “hackers” are on the side of “good.” Our club is a group of students that gets together and straps on our ruby-red slippers to introduce, grow, and develop white hat hacking skills, also known as ethical hacking, in order to gain a better understanding of cyber security. Through vulnerability testing and exploitation, we learn the skills necessary to be able to defend against these threats for the purposes of network, cyber, and information security. A process also known as penetration testing. In the immortal words of Sun Tzu,

“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”

Everything we do is above board and legal, and you will need to sign a "White Hat Agreement Form" stating that your actions will reflect the same with the skills you learn through the club. Although ethical hacking is not all we do, it is probably the most important (not to mention fun) when it comes to cyber security. It is paramount to know, and the backbone to understanding and identifying security weaknesses to defend against cyberthreats and cyberattacks.

Beyond ethical hacking and penetration testing, we also delve into topics such as:

• Endpoint Protection (System hardening)
• Digital forensics
• Application Security
• Network Security
• Operational Security
• Physical Security
• Reconnaissance
• Reverse Engineering
• Incident Response and Crisis Management
• Cryptography
• And many more

As you can see, the broad topic of cybersecurity encompasses a whole host of different topics and techniques. At its core, cybersecurity involves protecting information and systems from major cyberthreats. Administering those skills is what we learn and do.