When you are the Boeing Co., making airplanes on which millions of people’s lives depend, you sure don’t want a bunch of college students to hack into your computer systems.
So what do you do?
You hire a bunch of college students to hack into your computer systems.
That’s how a team of Cal State Fullerton computer science students ended up being handed a hefty manual of the aerospace giant’s security standards a few months ago.
Boeing reached out to CSUF’s Center for Cybersecurity for help developing new ways to gauge how effective its security standards are at keeping malicious hackers from modifying critical software, stealing secrets or disrupting the company’s operations.
The project is right up the alley of a department that boasts an Offensive Security Society, a professional student group set up in 2014 for those interested in pursuing careers in the field of cybersecurity. Offensive security is a new philosophy in security, augmenting the old model of stopping incoming attacks by putting up a shield.
“We still do that,” said Mikhail Gofman, associate professor of computer science, who oversees the Boeing project. “But offensive security says learn the tools and techniques that the attackers use – become a good attacker yourself – then go ahead and attack yourself. Because if you can break in to your own house, then so can the bad guys. Stop the cyberattacks where they begin, which is the attacker’s mind.”
Officially it’s called penetration testing, but most people, even…