UMD students in ACES program identify weaknesses in university’s computer system

By Hannah Himes

For The Diamondback

Students in the University of Maryland’s advanced cybersecurity program crowd in a computer lab in the basement of Prince Frederick Hall to learn various network, coding and hacking skills.

Nineteen students in Professor Robert Maxwell’s course, HACS408T: Advanced Seminar in Cybersecurity; Penetration Testing, attend a nearly three-hour course every Monday where they search for and report weaknesses within this university’s main network, which is made up of the connection between computers on the campus.

More specifically, these students work with a branch known as penetration testing, where system designers simulate different kinds of cyber attacks that real hackers would attempt. Identifying these weaknesses and vulnerabilities within a system, or even an individual computer, is imperative to ensuring security, as it allows these system designers to fix the flaws, Maxwell said.

All students enrolled in the course are involved in this university’s Advanced Cybersecurity Experience for Students and they each apply “crazy brilliant” skills throughout the course, Maxwell said.

Despite this, ACES students do not have access to the entire university system to prevent the exploitation of students’ personal information, Maxwell said. However, they have the ability to see all the information an average hacker would have access to, he added; therefore, no personal information is at risk. In fact, students’ information is made safer when the system’s weaknesses are reported.

In addition to learning penetration testing, the students also develop skills with network scanning, security practice, ethics and detailed record keeping.

“We’ve got a hammer, everything’s a nail,” Maxwell said.

Senior Monica Katzen, a computer science and math major said the class is interesting because it focuses on the offensive side of cybersecurity, rather than the defensive side.

Her classmate, senior Daven Patel, a computer engineering major, agreed and said he enjoyed the hands-on experience the course offers.

These students are learning valuable job skills, Maxwell said, as there are jobs revolving solely around penetration testing for large companies that need an array of information to be secured.

“[The students] really manage to be on the cutting edge of this sort of stuff,” Maxwell said. “It’s always brilliant to me to see what interesting things they can find in our network.”

Some students in the class have already accepted job offers for their post-graduate lives, like Katzen, who said she recently accepted a job offer with IBM.

“Actually a lot of us already have jobs set up,” she said.

In this day and age, awareness of threats toward security systems is heightened not necessarily because there are more threats, but because there is more technology, Maxwell said.

However, these technologies often lack security. The task is daunting, Maxwell said, but the focus on security that these students are gaining is vital to the task’s completion.