Dr. Jesus Canelon, with a degree in Information Systems and Technology and Science in Information Systems, gives an introduction to the Cyber Security course at the Leon S. Peters Business Building on Feb. 24, 2017 (Khone Saysamongdy/The Collegian).

Secret Helpers: Students take aim at ‘bad guys’ with cyber skills

At a conference in San Francisco last month, experts concluded that cyber security threats in the United States and the world will grow by the day.

A Fresno State professor who attended the RSA Conference with 31 of his students got a first-hand look at top experts in the cyber-security industry, which warned of the level of threat that has come about in cyberspace.

Jesus Canelon, an assistant professor, also teaches a cyber security course in the information systems and decision science department. He uses the course to teach students how to become “secret helpers” and fight off cyberspace attacks.

Canelon’s position was created as the need to teach others of the growing cybersecurity threats has become even more important. Don Stengel, Craig School of Business Associate Dean, said cybersecurity is a serious issue.

“It’s an issue in society, [with] computers getting hacked, financial stuff that we are doing online,” Stengel said. “We need two things. We need students, in general, to be more cognizant in cybersecurity issues and have good practices, [and] we need students who have the technical skills to be able to go in and actually start to do things to improve cybersecurity.”

That’s exactly what happens in Peters Education Building Room 31, where 35 computer stations are offered to students in a cyber-security course – IS 130 – that has been taught for the last two semesters by Canelon.

“One of the activities that students have to do in the cybersecurity class is find vulnerabilities, a vulnerability assessment, and doing some sort of, let’s say, attacks on websites and databases,” Canelon said.

Those so-called “attacks” are done on purpose and strictly for educational purposes. Canelon takes an even bigger measure to ensure safety by closing off the entire lab to “the rest of the world,” as Stengel puts it.

“We have the ability to wall [that lab] off so students are not going to inadvertently do damage somewhere else,” Stengel said.

As they are closed off from the world, instruction in the class often revolves around trying to find “vulnerabilities” to the different computer stations. On a smartboard in the lab, Canelon displays several different computer stations, which are numbered and show the different ways someone can go into them.

The idea of getting into a computer may sound bad, but Canelon said the work students do is educational. It is also the kind of work done by “white hat” hackers who hack systems for the purpose of warning companies or users of potential risks or of even bigger attacks in the future.

That’s in stark difference to “black hat” hackers, who will not tell someone when they have been compromised and will often sell a user’s data on the black market, Canelon said. He added that hackers can also come from other countries, and often, countries which have bad relations with the United States, making it harder for authorities here to prosecute the hackers.

“It’s a problem that is going to broaden, because we have all these devices, cars [and] appliances at home,” Stengel said. “They are all becoming internet accessible, there is a fear right now of power plants potentially being shut down by somebody in Russia or China.”

Canelon also warns students of public space internet, like the one customers have access to at Starbucks. He said Fresno State’s wifi is much more secured and it would take someone with legitimate credentials to transmit communications through the system.

Canelon said that students sometimes forget that even a person next to them at a coffee shop could easily setup an internet connection and access their information if they use the connection. Canelon encourages people to read the fine print and all warnings.

“[Hackers] can capture that information and then can analyze it. If the information is not encrypted, during the day [hackers] can collect the data and during the night review it,” Canelon said. “These are the kinds of things that you have to be aware of.”

In class, that’s something students are taught. They also work to find ways to make sure it happens less and less by testing how secure devices around them are.

“The same tools that [students] use in the lab are exactly the same tools the bad guys use,” Canelon said.

Stengel added that, just as students are using the same tools the black hat hackers, they are encouraged to think like the bad guys in order to identify vulnerabilities and help improve cyber-security.

“It’s like in law enforcement,” Stengel said. “Knowing that you are going to be a good detective is you have to think the way that criminals think. But that doesn’t mean we want the detective to become the criminal.”