MENOMONIE — Cyberattacks are a near-constant threat to businesses, government agencies, personal data and infrastructure in today’s society.
The attacks rose by 300% in 2020, when organizations paid more than $350 million to ransomware groups, according to Homeland Security Secretary Alejandro Mayorkas.
Colonial Pipeline in Georgia was the victim of one such ransomware attack in early June. The fuel pipeline company’s computer system was hacked by ransomware group DarkSide, which installed malicious software to block the company’s access to its own system until a ransom of $4.4 million was paid. The attack forced a temporary shutdown of fuel operations across 17 states and Washington, D.C., affecting people from New York to Texas.
So, how can organizations defend themselves against such persistent and sophisticated attacks? One way is to hire a team to test their systems, both the cybersecurity of their computer networks and the physical security of their buildings.
Known in the industry as Red Teams, these hackers break into systems to expose weaknesses, helping organizations defend themselves before an actual attack occurs. Recently, UW-Stout computer networking and information technology graduate Brian Halbach spoke with ABC’s “Nightline News” about his methods and the importance of Red Teams as a line of defense.
“Being interviewed by ‘Nightline’ was an exciting time,” Halbach said in a UW-Stout news release. “Normally, our team’s work is covered under NDAs (nondisclosure agreements), so we are not able to talk about it. There are times when we are doing really cool, unique things. Being able to actually show and explain what we do on television was a great opportunity.”
Hacker for hire
Halbach, a security consultant with RedTeam Security in St. Paul, became interested in CNIT as an undecided student his first year in college, working for Student Services’ technical help desk.
Halbach was unsure of what he wanted to study. “But the other students I worked with were in CNIT,” he said. “I saw the stuff they got to do and thought it was really exciting. I really liked everything that related to computer networking.”
As a security consultant, Halbach does a wide variety of tasks, depending on a client’s wants and needs. His team at RedTeam Security has helped several hundred clients by attacking web applications, calling people on the phone trying to elicit information from them or cracking into a company’s network and working through the systems to get all the access they can.
“In the industry we call each other hackers in the traditional sense, meaning one who is curious about things and takes time to understand something and hack away at it,” Halbach said. “We don’t use the term hacker to mean cybercriminal when we refer to each other as hackers.
“The real goal is not just getting in. The real goal is being able to present something to the client that they can understand and will help make them more secure. My team and I are almost always successful in accomplishing our goal.”
UW-Stout’s CNIT program director Holly Yuan said it’s exciting to see Halbach shine in the cybersecurity field.
“He possesses a strong set of cybersecurity and IT skillsets, is a great presenter and public speaker, always with a good sensor of humor,” Yuan said.
“Red Teaming” has its roots in the cold war, Halbach explained. Originally, it was a team of people who would change their entire way of thinking to think like the enemy and provide feedback from that perspective.
“My team and I think like the enemy to help companies find weaknesses they did not know about,” he said. “It is also a really great way for companies to challenge hidden biases or assumptions they might have. Red Teaming can not only make a company more secure but can help make them more productive.”
RedTeam Security has team members across the United States.
Halbach has learned the importance of clear communication, so his clients understand the security measures they recommend and the reasons why.
“I hope that they take away how to be more secure, that there are threats out there that they should be aware of. But ultimately, that a little prevention when done right can really go a long way,” he said.
Halbach advised individuals to follow these best practices to protect their personal data:
• Use a password manager to help eliminate password reuse and create secure passwords.
• Enable multiple-factor authentication on all websites and applications that support it.
Halbach said UW-Stout’s CNIT program prepared him for his career by giving him a strong understanding of computer networking and how systems talk to each other, while his computer science minor helped him to quickly look at computer code and analyze it for any security issues.
“There has never been a better time to be interested in cybersecurity,” he said. “Jobs are on the rise, and cybersecurity is becoming more and more important. It also is a really fun and rewarding career.”
In November 2017, UW-Stout was the first four-year university in Wisconsin to receive the designation of National Center of Academic Excellence in Cyber Defense Education by the National Security Agency. The Menomonie campus’s Cybersecurity Research and Outreach Center is funded by research grants.