Computer security professor Steve Beaty knows he is walking a fine ethical line when he teaches his students to act and think like hackers.
But Beaty’s students at Metropolitan State College are intent on making a dent in the epidemic crippling corporate, school and government websites while stealing Social Security and credit card numbers from tens of thousands of people.
“Yes, you have to to think like a criminal,” Beaty says. “But it’s how you use the knowledge. If you’re a bad person, you’re a hacker. If you’re a good person, you’re a security expert. … It depends how you use it.
“You want to teach them how the enemy works without turning them into the enemy.”
Earlier this year, three computer security breaches at the University of Colorado at Boulder left 36,000 students and staff vulnerable to identity theft.
Last spring, hackers got access to credit card information for customers at more than 100 DSW Shoe Warehouse stores, including three in metro Denver.
Credit card fraud is a $500 million-a-year industry, “more popular than organized crime,” Beaty says.
Zone-H.org, a computer attack archive, documents up to 1,300 computer system attacks worldwide on any given day.
And while international terrorists could make things highly uncomfortable by disrupting the country’s power grid, water storage and sewer systems, “the economic depression based on a computer attack is a bigger concern,” Beaty says.
The class is designed for students interested in cybercrime, whether working in the information technology department of a business or in law enforcement. They study viruses, computer fraud and identity theft.
“The first assignment is to research a method hackers use to break into sites,” Beaty says. “In my opinion, you have to know your enemy, know what you’re up against to do a successful defense.”
“We definitely walk an ethical line,” says student Gary Clift, a programmer for a Denver company that supports small businesses. “These hackers come from Indonesia, China, Russia. If they have knowledge of this, why shouldn’t I? Every time I come back to work from class, I make us more secure.
“The Internet is the Wild, Wild West,” Clift says. “We see attack after attack – and we’re trying to figure out what they’re doing and how we can prevent it. It’s kind of scary looking at what can happen.”
Staff writer Dave Curtin can be reached at 303-820-1276 or dcurtin@denverpost.com.
