US Plans Cyber Attacker Academy

The US has posted a job ad looking for recruits for the NSA’s Cyber Exploitation Corps Development Program

The US is openly investing in its cyber army, as it looks for people to fill a programme to train up cyber soldiers.

The US’ National Security Agency (NSA) has posted a job ad looking for people to join its Cyber Exploitation Corps Development Program (CECDP). The NSA would not tell TechWeekEurope anything more about CECDP other than what was on the job description.

“The CECDP is a premier technical development program seeking highly motivated and exceptionally high potential computer scientists and engineers – and providing them opportunities to develop and excel — both technically and professionally,” the post read. “The CECDP produces an elite group of professional operators with expert abilities in Computer Network Operations [CNO] positioning the participants for future career progression.”

Good opportunity

The programme lasts for four years. Not only do participants get a salary of up to $81,204, depending on experience, they will get to choose from a variety of CNO positions once the course is up. As for what the programme consists of, the NSA said there are “rotational technical diversity assignments, specialized lab/classroom training and a final project which will enable them to understand the breadth of the Computer Network Operations mission.”

The NSA’s CNO consists of three strands: network defense, network attack and computer network exploitation.

Applicants need to have technical proficiency in a number of areas, including malicious code analysis, pen testing, packet analysis and network forensics.

The NSA is also looking for an operator for the CNO. “Operators support the operations and intelligence collection capabilities conducted through the use of computer networks to gather data from target or adversary automated information systems or networks,” the job description read. “As an operator, you will use advanced software applications for network navigation, tactical forensic analysis, and collection of valuable intelligence information.”

Meanwhile, US military contractor Northtop Grumman has been looking for a cyber software engineer to “plan, execute and assess an Offensive Cyberspace Operation (OCO) mission”.

Other nations are bulking up their cyber armies too. Sources told the Times of India today that India’s National Security Council (NSC), headed by Prime Minister Manmohan Singh, is planning to order the Defence Intelligence Agency (DIA) and National Technical Research Organization (NTRO) to work on cyber offensive operations.

Germany has also reportedly set up a cyber warfare unit, which will have a strong focus on defending attacks from China.

With nations states now admitting to working on cyber attack capabilities, the US confirming it was behind Stuxnet and super-powered cyber espionage tool Flame causing carnage, many are speculating that all-out cyber warfare could happen soon. That was unthinkable to most in the industry just a matter of years ago.

Werner Thalmeier, vice president of product management at security firm Trustwave, told TechWeekEurope cyber war was already here. “All these things are around and I think we will see much more in the future,” he said.

Thalmeier said the sophistication of the threats being created by nation states meant the security industry and governments had to rethink how they protect systems. “We need to look into different ways [of protecting systems], absolutely. But if you ask me today what would be the solution, even after 10 to 15 years in the industry, I don’t have a rock-solid answer,” he added.

“We’re looking into all kinds of things, but at the moment this is one of the biggest challenges coming up, especially for governments.”

Are you a security guru? Try our quiz!