The eyes of the world were recently focused on PyeongChang, South Korea for the 2018 Winter Olympics. While we watched athletes curl, skate, ski and slide across the frozen South Korean landscape, we at GRIMM had our own South Korean experience!
Through GRIMM’s HAX program, which provides real-world, hands-on-keyboard cybersecurity experience to undergraduate college students, with the goal of preparing and shaping the cyber research community of the future, we teamed up with Penn State Altoona and Professor Jungwoo Ryoo, PSU Altoona’s Head of the Division of Business, Engineering and Information Sciences and Technology, to create an Internship Program for five female cybersecurity students from South Korea, pictured above. These students were given real-world skills for how to work in a 21st Century tech company, preparing them for the workforce in the era of globalization.
HAX challenges are real-world focused, requiring students to use any number of technical techniques that often are not able to be learned in course textbooks. Typical techniques can include: binary, reverse engineering, cryptographic errors, logic bugs, misconfigurations, numeric overflows, heap and stack overflows, race conditions, validations errors, and evolving techniques. GRIMM gives participants details of a problem and asks them to solve it. The students solve these challenges by essentially playing detective - they are given clues and asked to use tools and techniques they have learned through the program to find the “flag” hidden in the challenge.
In January, Misun, Saerom, Seonmi, Sowon, and Giwoun came to the U.S. for 8 weeks. They attended classes in security and risk analysis, Information systems and technology and English as a second language. During their free time, they were able to explore other Pennsylvania campuses such as Penn State University Park and Carnegie Mellon University. They even worked in a trip to Washington, DC to learn directly from the GRIMM team and visit national monuments and local museums.
In the spirit of HAX, the students’ work assignment was to create two capture the flag scenarios - one web-based and one Windows-based to use for the HAX grand finale, end of (school) year challenge. This provided them with the opportunity to experience a project life-cycle from start to finish. The students were tasked with first brainstorming their ideas, drafting a proposal, and working with their project leads to finalize the parameters. Once their projects were accepted, they began to develop their challenges and prepare to present their completed work to GRIMM’s executives at a luncheon ceremony commemorating the completion of the program on March 2nd.
The GRIMM team looks forward to seeing the amazing things they will do in cybersecurity!