Podcast Summary
A Journey of Self-discovery, Cultural Influences, and the NSA: Traveling solo enables us to explore new cultures, reinvent ourselves, and have extraordinary conversations with people. Our childhood experiences, family, and interests shape who we are, leading to diverse personalities and perspectives.
The host shares an interesting incident of sneaking into the Pentagon and then proceeds to interview two different NSA agents who started something at the NSA that still goes on today. The first guest tells his story of growing up in a small town in Texas and how his father's craze for cowboy culture made the whole town adopt the same style. He then reveals how he got fascinated with computers after watching WarGames. This highlights that traveling alone allows us to reinvent ourselves and gain new perspectives and experiences, leading to interesting stories and encounters. It also emphasizes the importance of culture and family influences in shaping our interests and personalities.
Marcus's Journey from Poverty to Top-Secret Clearance: Financial constraints should not restrict our growth. Embrace opportunities that come your way and use them to make the most of your potential while being grateful for the support received.
Marcus grew up poor and couldn't afford to go to college, but he joined the Navy and became interested in computers. He learned about cryptographic communications, got a top-secret clearance and did collection work for NSA. The whole time Marcus was sailing, he was like a spy, helping the NSA who supports the US military. The story teaches us that if we have a passion for something, we should not let financial constraints stop us. Instead, we should be open to exploring different opportunities that come our way and make the best of them. We should also be grateful for the support and opportunities we get and use them to make the most of our potential.
Education and Job Security in the Military: Joining the military provides opportunities to learn a variety of skills, obtain education, and job security in an ever-changing job market.
The military is full-time education and provides job security. Marcus was able to learn a variety of skills such as coding and networking during his time in the Navy, and was even able to obtain a Bachelor's and Master's degree, all with the financial support of the military. He also gained thorough knowledge of radio frequencies and communication systems. His experience and training even allowed him to seamlessly transition to work at the NSA on an augmented staff basis. Overall, the military is a great option for those looking for education, job security, and the opportunity to learn a variety of skills.
Marcus's Certification Journey from Networking to Network Security Management at NSA: NSA strives to protect US communications and assets while also sharing best practices and working with NIST to help businesses maintain security. Defense is public, but secrecy in intelligence gathering is crucial.
Certifications in networking led Marcus to manage NSA's network and help build out the SOC that looks out for security breaches and watches over the unclassified, high side, and inner agency networks. While a good defense can be public, the secretive part of intelligence is how information is collected on targets. Burnt means and methods can hinder investigations and tracking, as when Bin Laden went silent. NSA shares best practices to help secure systems and maintain privacy. However, their core mission is to protect US communications and assets while also working with NIST to help businesses stay secure.
The Importance of Crypto Research and Cybersecurity in Protecting US Interests: The NSA's intense training produces skilled defenders who protect the nation from cyber threats, but balancing the need for disclosure with safeguarding methods is critical. The cybersecurity battle is ongoing between both American and foreign adversaries.
The core mission of crypto research and breaking crypto is to protect US assets and interests by preventing foreign intelligence from spying on American companies and stealing their information. The NSA's intense focus on education and training produces highly skilled professionals who defend the nation against cyber attacks. It is important to disclose exploits to companies like Google and Microsoft; however, the NSA might try to protect the method so that it can help the country. The Defense Cyber Crime Center, like Cyber Command, deals with forensic investigations and high-profile cases. The cybersecurity battle is a behind-the-scenes fight between smart people, both American and foreign adversaries.
Understanding Cyber Range and Its Benefits: A cyber range is a separate network used for cyber-security testing that allows companies to practice network and system security in a safe environment. It also enables federal agents to develop forensic skills and react to incidents more effectively.
A cyber range is a separate network used for cyber-security testing where companies can mock-up their corporate network environment for practicing network and system security. It allows investigators to interact with real gear and detect and defend against cyber attacks. Cyber ranges are used to teach federal agents how to react to cyber-security incidents more effectively and to develop forensic skills. The cyber range contains complete corporate networks with physical and real devices that can be attacked or defended against. The cyber range also offers an opportunity to detonate malware and try exploiting various vulnerabilities within the network without worrying about any vulnerability or virus escaping and hitting production equipment during testing.
Building Immersive Cybersecurity Training Platforms and Giving Back to the Community: Continuously learn and self-train in cybersecurity, share your knowledge with others, and give back to the community to make a positive impact.
Marcus built an immersive course for collecting live information and setting up intrusion detection systems in an entire organization's network. He used real attacks, such as live Chinese malware, to teach the students. He started his own company called Threatcare, which was later acquired by a larger company. Marcus gives back to the community through his books, such as Tribe of Hackers, and donating to various organizations. He believes in continuously learning and self-training, and encourages others to do the same. He also teaches his son about technology and shares his knowledge with anyone interested in learning.
Nurturing interests breeds success: Encouraging children's creativity and exploration of their interests can lead to success, even if it means following a nontraditional path.
Encouraging children's interests and creativity can lead to remarkable achievements. The father of a software engineer exposed his son to coding, which helped him write programs to do his math at 11 years old. When his son was 16 years old, he wrote a Metasploit front end on the iPhone, which caught the attention of Rapid7. After interning for Rapid7, he was offered a full-time job and now leads his own team at the age of 24. Jeff Man, a hacker, acquired his skills through experimentation and curiosity. Encouraging children to explore their interests can lead to success, even if it means following a nontraditional path.
Getting Hired by NSA as a Cryptographer: The NSA conducts a thorough background check to ensure the safety of classified information. To attract skilled professionals, they offer training and job interviews acting as sales pitches.
Working for the NSA involves a rigorous background check that includes lifestyle and financial questions to ensure that people with access to classified information cannot be blackmailed. Jeff's job at NSA was to do cryptographic reviews of the systems that were being used at the time. He had to learn cryptography for this job and NSA had its own cryptologic school that offered many courses on various aspects of cryptography. NSA also offered job interviews that were more like sales pitches, as it was difficult to attract employees with the required skills. Jeff was hired off the street and trained to be a cryptographer who reviewed manual or paper crypto-systems for InfoSec at the NSA.
The History and Evolution of One-Time Pad Encryption: One-time pad encryption is unbreakable if the key remains secret and not stolen, but its use of physical pads with random characters is outdated and replaced by digital encryption programs.
A one-time pad is the basic form of encryption in which random characters printed on the pad act as the key for plain text messaging. The key is impossible to break if it is kept secret and not stolen. The pads were used by spies to encrypt messages, which took time to decrypt. Rice paper and toxic ink were used in some one-time pads, resulting in spies getting sick. Jeff's first assignment, in 1987, involved figuring out how to write a computer program that could perform encryption and decryption on the one-time pad. It was performed on the command line since Windows was not yet introduced.
Revolutionizing Cryptography through Persistence and Innovation: Jeff's persistence and innovation in creating the first software-based cryptosystem for the NSA paved the way for future advancements in software-based cryptography. He also exposed the vulnerability of using one-time pad sheets for extended periods, emphasizing the importance of proper encryption practices.
Jeff created the first software-based manual cryptosystem for the NSA, challenging the agency's resistance to change. He had to go through several iterations of presenting to senior management and address all the security concerns. Despite the pushback, Jeff did not take no for an answer and hacked the system, producing something revolutionary at the time. This paved the way for more advancements in software-based cryptography. Jeff's career spanned three different tours of duty at the NSA, and in his second tour, he worked in a department tasked with cracking encryption and exploiting systems that did not use best practices. He discovered that people were using one-time pad sheets of key for extended periods, making it easier to break and decipher messages.
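An added example, not code from the podcast or from Jeff's NSA program: a letter-based one-time pad (addition mod 26) in Python, showing encryption, decryption, and why using one sheet for two messages lets the key cancel out of the ciphertexts. The messages, the function names and the `PadBook` class are constructed for illustration.

```python
import secrets
import string

ALPHABET = string.ascii_uppercase  # paper pads carried random letters

def make_pad_sheet(length):
    """One sheet of key: uniformly random letters from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def _combine(text, key, sign):
    """Letter-wise text + sign*key (mod 26); the key must cover the text."""
    if len(key) < len(text):
        raise ValueError("pad sheet is shorter than the message")
    return "".join(
        ALPHABET[(ALPHABET.index(t) + sign * ALPHABET.index(k)) % 26]
        for t, k in zip(text, key)
    )

def encrypt(plaintext, sheet):
    return _combine(plaintext, sheet, +1)

def decrypt(ciphertext, sheet):
    return _combine(ciphertext, sheet, -1)

class PadBook:
    """Hands out each sheet exactly once, then forgets it (assumed design)."""
    def __init__(self, sheets, sheet_len):
        self._sheets = [make_pad_sheet(sheet_len) for _ in range(sheets)]

    def next_sheet(self):
        if not self._sheets:
            raise RuntimeError("pad exhausted: request new key, never reuse")
        return self._sheets.pop(0)

def reuse_demo():
    """Two constructed messages under ONE sheet: the key cancels out."""
    sheet = make_pad_sheet(15)
    p1, p2 = "MEETATDAWNTODAY", "HOLDPOSITIONNOW"    # constructed samples
    c1, c2 = encrypt(p1, sheet), encrypt(p2, sheet)  # the misuse
    leak = _combine(c1, c2, -1)          # c1 - c2 == p1 - p2, no key needed
    key_free = leak == _combine(p1, p2, -1)
    recovered = _combine(p1, leak, -1)   # knowing p1 alone reveals p2
    return key_free, recovered

if __name__ == "__main__":
    book = PadBook(sheets=2, sheet_len=15)
    sheet = book.next_sheet()
    assert decrypt(encrypt("HOLDPOSITIONNOW", sheet), sheet) == "HOLDPOSITIONNOW"
    print(reuse_demo())
```

The pad's secrecy guarantee holds only while every key letter is used once; `PadBook` enforces that by refusing to hand out a sheet twice.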
The NSA's Hacker Culture and its System and Network Attack Center: The NSA's System and Network Attack Center, led by Jeff and his team, embodied a hacker culture and helped the agency stay ahead in internet hacking while ensuring the secure use of encryption systems.
The NSA is responsible for creating secure encryption systems for US-related data, but also needs to ensure that its own employees and the DOD use them correctly. As the internet grew, the NSA added the fifth domain of warfare (cyberspace) and set up the System and Network Attack Center to focus on computer and network security. Jeff and his team embodied the hacker culture within the NSA and tested the security of networks and domains within the NSA and other DOD customers. They nicknamed their office The Pit and were given a license to keep doing what they were doing. This helped the NSA stay ahead in the internet hacking that it does today.
The Pit - Hacking with Permission: The Pit, a group of hacker enthusiasts, had to seek permission and sign-off from management and targets before executing any methodology. They used unique techniques like guessing usernames and IDs to gain access to accounts.
The Pit, part of SNAC, was a group of hacker enthusiasts, predominantly computer scientists, who learned about the operating systems, hidden and undocumented features, and exploits that could grant root privileges. They participated in hacking through red teaming and internal penetration testing, but had to get management sign-off and permission from across the executive suite and potential target or customer before executing any methodology on their target. To identify and gain access to idle or not-yet-logged-in accounts on UNIX workstations and networks, they would guess usernames and user IDs for accounts without passwords; password hashes were stored in world-readable /etc/passwd files. Mountain Dew was the beverage of choice for the hacker culture in the early-to-mid 90s.
The benefits and challenges of open-source intelligence-gathering in cyber attacks: Knowing about the target through open-source intelligence-gathering helps in getting approvals for the mission, but there can be challenges when testing public-facing websites, especially when following the rules and regulations set by governing bodies.
Open-source intelligence-gathering is crucial to know about the target before attacking the network, which helps in getting approvals for the mission. Jeff's red team, known as The Pit, started with the rudimentary method of open-reconnaissance that we know today. The red team helped the NSA to make a good name for themselves, but they faced challenges when the DOJ asked Jeff's team to test their public-facing website. NIST was responsible for protecting unclassified networks, but they did not have the capability to do so. However, the NSA had to proceed following the rules, and the request for this vulnerability threat assessment came from the attorney general to the Secretary of Defense before they could attack DOJ's website.
A Benign Hack Leads to DOJ Seeking Help from Jeff and His Team: Unsanctioned hacking can have serious legal consequences, even if done with good intentions. Always seek proper authorization before taking action.
A benign hack of a Department of Justice website, which involved replacing the picture of attorney general Janet Reno with that of Adolf Hitler and changing the name of the department to Department of Injustice, became the first public hacking of any government installation facility website. This prompted the DOJ to seek help from Jeff and his team, who were almost legally allowed to do so. Jeff had to jump through bureaucratic hoops to assemble a team to help DOJ. However, on their third day at DOJ, they were called back to the Pit. Later, they were reprimanded by the DOJ lawyer, who introduced the Church Proceedings and warned them about the potential consequences of unauthorized intervention.
The Ethics of Hacking into US Systems: The NSA's limitations on conducting operations on foreign nationals and incidents like Jeff's departure due to the ethical implications of hacking into US networks highlight the need for balance and caution in cyber operations and its impact on employee morale.
The NSA Charter limits the NSA to only conduct operations on foreign nationals, not US citizens. The incident with Jeff brought to attention the ethical implications of hacking into US systems and networks. This incident caused a loss of morale for The Pit employees who began to leave the NSA for better-paying private sector jobs. Jeff, who had been with the NSA for 12 years, also left for a job with a 50% pay increase. The NSA launched Operation Eligible Receiver in 1997, which involved hacking into US government networks, but only with a lower-level hacking team as they did not want to risk their elite hackers.
The Importance and Benefits of Conducting Red Team Assessments for Cybersecurity Purposes: Hiring ethical hackers to conduct red team assessments can identify vulnerabilities that can be easily fixed, protect valuable assets, and defend against cyber-attacks. The assessment also highlights the crucial role of network security in preventing attacks in the information warfare campaign.
The importance of conducting red team assessments is highlighted by the success of a B-team of hackers with off-the-shelf tools using commercial gear and conducting open-source reconnaissance. Companies should hire ethical hackers to see if they can get into their systems and identify misconfigurations that can easily be fixed. Conducting such assessments can protect valuable assets and help defend against cyber-attacks. The lesson learned from the red team assessment is that the DII can be taken down and the US can be attacked in an information warfare campaign without insider information. It is also concerning that the US military wasn't securing their networks as well as they should have been.