The National Security Agency uses its best and the brightest experts of cybersecurity for coming up with a cyber challenge. This cyber challenge, known as Codebreaker Challenge, is then provided to more than 330 schools and 2,600 students for the sake of solving it. Those who are able to solve it end up getting recruited by the National Security Agency (NSA).
Kathy Hutson, the senior strategist for industry and academic engagement at the NSA, has said that the Codebreaker Challenge has become one of the best ways to attract new talent for the federal government. Hutson said on Ask the CIO, ‘We are doing the high touch and personal approach to educate and attract students. Through the Codebreaker Challenges, we are using a non-traditional approach, which also teaches good fundamental skills for NSA as well as the nation. In our new employee orientation class, we started to poll all of our new employees as far as how they became interested in NSA. Among the new employees at a recent orientation class, one woman identified that she came to NSA through the GenCyber camps, which NSA hosts, and what sealed the deal for her was participating in the Codebreaker Challenge.’
The Codebreaker Challenge was introduced by NSA back in 2013. The idea was to connect with students and professors who are working on technology and cyber issues. Over the course of the last six years, the annual Codebreaker Challenge has become quite an awaited-event. Eric Bryant, a technical director in the cryptoanalysis organization at the NSA, said, ‘There is quite a bit of enthusiasm and excitement when I go to campus. In the early fall, I gave a tech talk where I walk through the previous year’s challenge and the new one that’s coming up. The crowd seems to grow each year. We’ve also seen the emergence of additional groups like student clubs, which focus on these types of smaller, capture the flag challenges.’
The Codebreaker Challenge offers students, professors, and anyone else who is interested with a ‘hands-on opportunity to develop their reverse-engineering /low-level code analysis skills while working on a realistic problem set centered around the NSA’s mission.’ Last year’s challenge was about ransomware and blockchain, where the participants had to solve eight separate but related challenges.
Bryant said, ‘We structure the challenge so that the beginning tasks are easier and more accessible to the students. Most students don’t have prior experience in areas like reverse engineering, vulnerability analysis and crypto-analysis. We structure the problem so there is a progression of tasks and they are working toward an ultimate goal. In the case of the most recent challenge, ultimately they were trying to unlock the ransomware without having to pay the ransom and go a step further to recover all the funds, victims had paid in and pay them back by exploiting the logic in the attacker’s contract.’
For the 2019 Codebreaker Challenge, NSA is most-likely to focus on mobile security threats while making use of an Android operating system.