A student peers intently at two wide-screen monitors, lines of computer code reflected in his glasses. His eyes scan the text. He clicks the mouse, giving direction to one of two high-end computers. The computer on the left is a research station. On the right, an attack station. The attack station is connected to a network that forms a self-contained virtual Internet with artificial banking, email, and e-commerce sites.
The student isn’t a hacker—he’s one of the good guys. The scene is part of Parrot Labs, a new training delivery model from the cybersecurity experts at KEYW Holding Corporation, a global cyberspace, geospace, and counterterrorism company with leading hardware, software, and tech solutions. Cyberterrorists focus on penetrating weaknesses in corporations and governments; Parrot Labs’s hands-on training in cyberoffense, cyberdefense, forensics, network exploitation, and programming skills is designed to help professionals discover, understand, and diminish threats and attacks. With Parrot Labs and other endeavors, KEYW is helping government agencies defend their most valued assets while ensuring the nation builds the cyberworkforce it needs.
“The threats become more sophisticated every day. Most companies should assume that bad actors are already in their network. They can be anywhere, doing anything.”
The man behind it all is Greg Dixon, senior vice president of advanced cyber operations. As a former naval cryptologic officer, he’s developed a unique skill set that drives his current work. Dixon started his naval career in submarine ballistic missiles, and later became a commissioned officer working on sensitive technical projects in support of national and tactical security objectives. In postgraduate school, he studied advanced networking and computer architecture design, providing an understanding of how networks and hosts are built from the ground up. This research led to Dixon’s thesis on vulnerability research in asynchronous transfer mode communication—the former backbone of how data was routed around the Internet. In 2005, he retired from the Navy and started working as a contractor; he joined KEYW in 2008.
This unique background helps Dixon understand complex aspects of advanced networks and how “bad actors” may seek to attack governments and corporations in the digital age. The threats are real, ongoing, and increasing. Experts suggest that all companies on the Fortune 500 have been compromised, with attacks coming from nation states, terrorists, and individuals. In February of 2015, New York’s Department of Financial Services warned of an “Armageddon-type” incident targeting Wall Street.
In this new reality, Dixon says, corporate and public sector leaders must be diligent and realistic. “The threats become more sophisticated every day. Most companies should assume that bad actors are already in their network. They can be anywhere, doing anything,” he says. Dixon believes that every company should immediately review and implement relevant items from the twenty critical controls listed by the SANS Institute’s website, with an ultimate goal of migrating to an automated and active cyberdefense solution.
Those twenty controls, however, still aren’t enough. That’s why Dixon and his IT pros monitor industry trends, academia, the marketplace, and government reports in an attempt to stay one step ahead. Employees at KEYW and instructors at Parrot Labs are practitioners who also obsessively focus on research and malware analysis to stay current on the state of malware, allowing them to refresh and update Parrot Labs courses, scenarios, and case studies.
The key is critical thinking with a deep understanding of networking and computer theory. “Malware, or malicious software, is simply software designed to disrupt otherwise normal computer operations,” says Dixon. “By understanding how software code runs on hardware, you can appreciate the stealth and persistence techniques the bad guys are employing, because you understand the basic underpinnings of the technology.” With this operational knowledge, students can start to understand and mitigate threats. By offering courses like Offensive Methodology & Analysis and Tactical Digital Forensics, Parrot Labs is preparing a workforce capable of defending against digital attacks that could otherwise cripple entire industries and communities.
KEYW’s automated cybertraining framework increases the number of students that actually get through the pipeline and into the marketplace. While standard training courses operate at a single pace for the entire class, KEYW offers a flexible system that guides each student at his or her own pace and offers feedback in near real time.
Industry and government leaders alike are recognizing the imminent threat of cybercrimes. In late 2014, FBI director James Comey called cyberterrorism one of our nation’s top threats, saying, “People who harm children, fraudsters, spies come through the Internet. Nation-state actors, terrorists—cyber isn’t a thing; it’s a way.” During his tenure, former US deputy secretary of defense William Lynn said, “The Pentagon has formally recognized cyberspace as a new domain of warfare. Although cyberspace is a man-made domain, it has become just as critical to military operations as land, sea, air, and space. As such, the military must be able to defend and operate within it.”
Heads of state, CEOs, and leaders like Dixon are concerned about threats from China, Iran, ISIS, and elsewhere. “We need to grow our cyberworkforce to combat these issues, and we’re doing what we can to train people to meet these challenges,” Dixon says. Cyberterrorists and others who engage in malicious cyberactivity don’t operate under the rule of law or respect the privacy of citizens. Dixon knows that winning the war will take a new set of skills and tools, and he’s working to help modern tech professionals equip themselves for battle.