UNCC course trains ethical computer hackers

Imagine going to college to learn how to hack into someone else’s computer. A group of Charlotte students are doing just that, but they aren’t the bad guys.

In a northeast Charlotte classroom, you’ll hear conversations about computer code and the hum of hacking. The young faces are intent on stealing you blind.

“A lot of people hack for financial gain,” said a student. “We’re going to be breaking into consumer grade Wi-Fi.”

If the students are good enough, they’ll be rewarded with a college degree from UNC Charlotte and a job in corporate America.

“Yes, you see such a thing (as ethical hackers) in universities, and at the University of North Carolina we have a couple of ethical hacking courses,” said Dr. Mohamed Shehab.

Visit your neighborhood coffee shop or restaurant and you’ll see the sitting ducks on their laptops.

“Our privacy is exposed every day,” Shehab said.

Log on to the free Wi-Fi and it could cost you much more than your meal.

“If you go to Panera and turn on Firesheep, what it’s going to do is it’s going to scan the network, and it will tell you who’s on Facebook and you can log in using their accounts,” said Shehab. “So it will show you the people on Facebook. You click on it and actually you will get to use their account. This is a very simple trick.

“The problem is, every packet you send, if it’s not over a secure channel. Every packet you send, everyone can see.”

At the UNCC College of Computer and Informatics, students show us just how easy it is to steal information from your home wireless router.

“What we’re going to do is manipulate the router in such a way that we’re actually able to trick it into giving us a lot of data,” said one student. “Cracking it, depending on what kind of encryption it is, can take anywhere from, I don’t know, we’ve seen it happened in 30 seconds.”

Within seconds, hundreds of encrypted files are being sent from your router to the hacker’s computer.

“With this weak level of encryption, we’re allowed to pretty much reverse engineer the password out of the data that we’ve received,” said the student.

You don’t have to enroll in college to learn how to hack. Simply log on to YouTube and you’ll find thousands of tutorials, teaching you how to hack into everything from school computers to webcams.

“It used to be primarily what are called “kiddie hackers” — bored teenagers looking for something to do or just goofing around,” said Theresa Payton, a computer security consultant in Charlotte. “Those still exist. But now you have a more organized criminal element.”

Payton is the former White House chief information officer for President George W. Bush.

“You’ve got a line of criminal rings who it’s all about identity theft. So it’s about getting information about you, packaging it and selling it for money,” Payton said. “Or they’re after your computer to create a network of computers for criminal use.”

At UNC Charlotte, the students “sniffed” more than 15,000 pieces of encrypted data from a router.

“Now we are actually inside the router, able to set up whatever we want,” a student said. “Essentially the router is ours.”

It is a sobering experiment that leaves the students with a sense of accomplishment and the rest of us feeling very vulnerable.

“Your privacy is slowly slipping away from your control,” said Shehab. “You wanted to ask if we are safe.  But if you think about it, it’s a challenge and security experts are still trying to address.”

The good news is these students hope to work for companies to ensure your personal information is protected.

To reduce your chances of becoming a victim of hacking, experts say:

  • Be careful about where you post personal information.
  • Buy the latest and greatest protection.
  • Install software from trusted vendors and always question why they’re collecting personal data.
  • Keep the software patches up to date.
  • Keep your passwords strong with letters and numbers.

Leave a Comment

− 3 = four

NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>