Security Chipmunks

Episode 1 - NICE one

Edna & Neil Season 1 Episode 1

In our first episode we discuss events, conferences, and practice resources available to those who are new to cyber security.

Events

Conference:

Intro Sec Con, Free conference on April 17th, 2021

https://introseccon.com/ 

CCDC 

http://nccdc.org/ 

NCL

https://nationalcyberleague.org/ 

NICE Challenge 

https://nice-challenge.com/ 



Labs:

TryHackMe

https://tryhackme.com/

HackTheBox

https://www.hackthebox.eu/ 

ImmersiveLabs (Sign up with your college .edu email)

https://www.immersivelabs.com/ 


Twitch streamers

BanjoCrashland

https://www.twitch.tv/banjocrashland 

Cyber Insecurity

https://www.twitch.tv/cyber_insecurity 


Crypto The Llama

https://www.youtube.com/channel/UC2Mq09_FBWckT1WmcraWr-g/featured 

August GL talks about reverse engineering the TikTok app in the latest issue of 2600
https://store.2600.com/collections/pdf/products/new-issue-pdf-winter-2020-2021

Raytheon Women’s Cyber Security Scholarship

https://iamcybersafe.org/s/raytheon-womens-scholarship 



Unknown:

Thank you.

Edna Jonsson:

Welcome to Security Chipmunks, where we talk about the development of cybersecurity skills. To stay up to date in today's world, you need to be resilient. And that is why, as Advanced Persistent Chipmunks, we keep chipping away at it. We're your hosts, Edna Jonsson and Neil Smalley. Hello, Neil.

Neil Smalley:

Hello, Edna.

Edna Jonsson:

How are you doing?

Neil Smalley:

Not bad, not bad. How are you?

Edna Jonsson:

Doing pretty good. All right.

Neil Smalley:

So jumping straight into it, we have event segments. Do you want to talk about some upcoming events, past, present, future?

Edna Jonsson:

I would love to talk about some events with you. An event that I know of that's coming up pretty soon is the IntroSecCon. And that is a convention for people that are new to cybersecurity. So that one is going to be on April 17th. I'm pretty excited about it. This is supposed to be a convention where the cybersecurity community comes together and they help you join to build projects, hack gadgets, and capture the flag. So this is supposed to be a community building.

Neil Smalley:

How much does it cost?

Edna Jonsson:

This is free. There is no cost, there is no registration, and there are no expectations. You're welcome to come the way that you are.

Neil Smalley:

That's really cool. Did you make it to the one last year?

Edna Jonsson:

I did not. This will be my first time going.

Neil Smalley:

Something to look forward to. I was able to attend some of it last year. Oh, really? That's when I really started getting into Discord and conferences since everything was online.

Edna Jonsson:

Nice.

Neil Smalley:

I got at least part of it. This one should be even better this year.

Edna Jonsson:

Oh, that's great. I'm looking forward to it. You know, the pandemic has been hard, but I think one great thing that has come out of it lately is that all of these conferences are popping up that are free, or conferences that have been in person are popping up. They're now online, and they're either free or they're very low cost. And it is making it a lot easier for people to join the cybersecurity community out there and get exposure to what is available and out there. They're able to join these conferences from their own home and learn a lot. So I think that's been a great new change in the way the world in cybersecurity works. And I kind of hope some of it will stick around after the pandemic is over.

Neil Smalley:

Absolutely. It's definitely been beneficial for me. I know that it's not so easy to travel to all the conferences, but I've been all over the country thanks to them being online. So it's been great. Met all sorts of people. Speaking of meeting people and whatnot, we just got done with a competition here.

Edna Jonsson:

We did. This was my favorite competition. I had so much fun. It was the CCDC competition or the Collegiate Cyber Defense Competition that we were training for for months. And we just went to regionals. And that's a big deal for our university. It was the first time in a few years that our university has had a team go to regionals. And we competed against some of the best teams in the country. One of them is a multinational competition winner. So that was a great experience. What was your favorite thing?

Neil Smalley:

Just getting to play around in lab environments that had so much to offer. That and being able to interact with other students and work together towards a common goal is quite fun.

Edna Jonsson:

Yeah. If you could do it again, would you do that same competition again?

Neil Smalley:

Oh, absolutely. I think it's a very valuable experience for anyone coming into the security space. So to get ready for the competition, we had to do a lot of practice. Do you want to talk a little bit about what we were doing to practice?

Edna Jonsson:

Yeah. So we didn't have the infrastructure at our university in the beginning to practice. So we were able to stand up a practice lab that had network configurations. We took it from another CCDC district. So we took it from the Western Regional CCDC district. They very kindly make their virtual labs available to people to download and use, which is a great learning tool. But we took their networks from previous years and we set up a couple of different configurations of that. So we chose one network was for the qualifying competition. Another one was for the regional competition. And so being able to practice on different... these are kind of like business networks. And so being able to practice in different size networks that have different issues and different challenges, different operating systems. And you have to get on there and practice hardening, patching, updating, hardening the systems over and over. I think that was great in making us... I think we, the entire team, at the end of this, they were all SMEs, or subject matter experts, on hardening these systems, because we have done it so many times to be prepared for doing it in the actual competition. And the competition for regionals, it's a two-day competition, so it is a lot to prepare for, and we didn't quite know what we were getting into at first, not having had another team that had gone before us and telling us what their experience was like. So it was kind of preparing for something that was unknown to us. And that was, it was a good learning experience.

Neil Smalley:

Yeah, I think that that's part of the excitement, not knowing quite what to expect, but also wanting to learn as much as possible, which I think that environment does. We talk about it being a business environment. It's very compressed. You have configurations you wouldn't necessarily see or want to see in the business world. And the injects during the competition are basically tasks you would get in doing day-to-day business, so like add new users, for example, things like that. It's all very compressed. We went through like, what, 20 injects in two days?

Edna Jonsson:

Yeah, we did. That was... so part of the competition is this time management skills that you have to have, because you have many things that you have to complete, but you have to complete them in the timeframe that you're given. And then while you're in the middle of defending your network and defending your systems, then you're given these business objectives that you need to complete. And they have certain timelines that you have to get through as well. I was very proud of our team for completing every single inject. We had a response for every inject that the competition assigned.

Neil Smalley:

Yeah. Well, we didn't get the score that we wanted on every inject, we at least attempted each inject. So yeah, we at least tried.

Edna Jonsson:

Yes, we put effort into it and we did our best. I am very proud of our team. That was a huge growing experience for every team member, and I hope that this has been a good experience for them.

Neil Smalley:

Absolutely. And I also want to note that I think by our team going and participating and putting all this effort, other students in the club have seen and come and set, you know, practice and whatnot, and it's like, hey, this looks like something maybe I want to do. And so I think we have people who want to do it next time, which I think is great.

Edna Jonsson:

Yes. We'll help the next generation of teams get through the competition. It's going to be great. We're putting together our playbook for how to win the CCDC competition. Maybe one day we will get to nationals, and that will be so exciting for me to see our school get there.

Neil Smalley:

Yes, that would be awesome. Yeah. So speaking of competitions, there is another competition, uh, that has various phases, I would call it. Uh, so it was running at the same time, so that was a busy weekend.

Edna Jonsson:

Oh yes, the NCL, the National Cyber League. Yeah, that's a great competition as well. Um, that one's only open to high school and college students. And they have different phases. So during the CCDC competition, when we were at the ALCCDC regionals, that's when the individual games were running for NCL.

Neil Smalley:

And so NCL is more of a capture the flag style competition as opposed to CCDC where you're defending a network or boxes.

Edna Jonsson:

Yes. Yeah, so that one consists of solving challenges and demonstrating abilities to get through those.

Neil Smalley:

The way I look at it is you kind of, you solve a puzzle and then it gives you a flag at the end and then you can check to see if you're right. So then the instantaneous feedback is quite nice from a student perspective.

Edna Jonsson:

Yes. It's good to know when you've done the right thing. Absolutely. So, and there's another... so, speaking of college challenges, there's another one that I just became the coordinator of at our school, WGU. And that's the NICE Challenge. So that one is great for developing real world cybersecurity skills within a business environment. So it's like a mini CCDC, but you have a weekend to solve challenges, and you can work on your own or you can do it in a team where you work with friends to solve the challenges. So at our school, we have people that will meet up on Discord and walk through the challenges and they help each other out. There's a great team of compatriots where they're like, no owl left behind. They will help you solve the challenges. So if you're trying to learn, but you don't know exactly what you're supposed to do, there are people that will help you get through it. So I became the coordinator for that challenge and I just became the vice president of the cybersecurity club at the school. So I know I talk a lot about our school now, but that's why.

Neil Smalley:

But yeah, it's just, there's so many people from all different points in their careers and there's just so many amazing people to meet.

Edna Jonsson:

Yes. Absolutely. And they have different skills. And so that's been really nice for me to learn from people who work at different companies, who have different experiences and can teach me about different products. For example, we have somebody that works at Microsoft and is an expert on Microsoft products. So it's great to be able to, you know, when you're running into issues, just tap on their shoulder. Hey, I've been working on this. And I am at my wits' end. I cannot figure it out. Could you show me how to do it? And having people that will help you with that is just fantastic.

Neil Smalley:

Absolutely. Yeah. Like the CCDC challenge has real world style challenges. The NICE Challenge, I feel like it's very similar, but less hectic and compressed. Yeah, one scenario, here's the network, you have to do, very... it's like getting an inject, but it's one inject. So it's a nice way to warm up for CCDC, as it were.

Edna Jonsson:

Oh yes, yes. I would definitely... if you're somebody that's in school and is going for the CCDC, that you want to be on the CCDC team, this is definitely a great way to start practicing for that. But the NICE... go ahead.

Neil Smalley:

I was just going to comment, I believe they map to NIST objectives as well.

Edna Jonsson:

The NIST framework. Absolutely. So that is a framework that describes many different roles in the cybersecurity world. And so this is the challenge: it selects a role or one of the items in the NIST framework and then builds a challenge based on that. So you can experience different areas in cybersecurity, try them out, and see if those challenges are fun for you and if that's where you want to continue your learning. So that's a great benefit of the NICE challenges as well.

Neil Smalley:

So moving away from time-constrained events. There's other things that are available all the time, pretty much. There's different labs like Hack the Box or whatnot. When we were doing our previous recording, I had complained about the VPN, but since then I've actually tried it and it seems like they've really worked out a lot of the kinks. I didn't have any issues with connecting to the VPN and playing around with some of the starting point labs.

Edna Jonsson:

Okay, so we can... So the VPN on what?

Neil Smalley:

Oh, I thought I said hack the box.

Edna Jonsson:

Okay. I didn't hear you say that.

Neil Smalley:

So Hack The Box is a website that has various boxes that they have made and then lots of community contributed boxes that you can practice different attack techniques on or whatnot. So you might have to exploit a certain type of vulnerability or something to get into the box and gain user... typically it would go like user privileges and then admin privileges after that to complete the particular box.

Edna Jonsson:

Very nice. So Hack The Box had issues with the VPN and it's a little more stable now.

Neil Smalley:

At least I've heard a lot of complaints about it and I've had my own share. But no, I think they made a lot of updates even this last year or so, probably, that it seems it's much more stable now.

Edna Jonsson:

Okay. So there's another one as well called TryHackMe. Have you tried that one?

Neil Smalley:

I have.

Edna Jonsson:

So what are your thoughts on TryHackMe?

Neil Smalley:

It's interesting. Some people think it's a little bit too hand-holdy, but I think it can be useful in its own right, depending on what you're trying to learn. Some of it can be a little bit annoying, the way it's set up, in terms of answering the questions. It's all flag-based, to where you have to enter a string. But yeah, it's not all... some are like, how do you use this tool? The Nmap room, for example, is... well, I guess they do give you a box you can scan, but it's also about knowing how to use the tool, so it asks you specific questions about the different flags to use with Nmap. This is different than the flag you use to score, but when I talk about flags, it's the options that you add to the command to make it do different things.

Edna Jonsson:

Okay. So kind of what I think with TryHackMe and Hack The Box, I think TryHackMe is the best place to start if you're new. So that is my recommended. When somebody asks me where should I start, I tell them TryHackMe, because it does have that hand-holding and it explains and walks you through things. But then once you've gotten some experience with it and you've tried it, then go to Hack The Box. Absolutely. And work through those. So that's been my recommendation to people that are new. Because Hack The Box is challenging. It really is. And I don't want people to give up. I want people to try it out and not feel so frustrated that they give up right away. So that's my goal. Absolutely. Get people interested in and involved and get them going and then raise that bar as they learn more.

Neil Smalley:

Another interesting one for more beginner... well, there are also some more advanced topics, but Immersive Labs has some interactive, kind of like, very, even more, um, constrained, or the scope is more constrained, even more than TryHackMe, for example, where they could have an entire room just dedicated to Nmap. Their labs are more like, do this one thing with Nmap or something, practically.

Edna Jonsson:

Yes. So, um, Immersive Labs, I feel like, is a hidden secret for college students. As college students, you have access to some free Immersive Labs and they are a great educational opportunity. I have completed a lot of boxes on Immersive Labs. I'm actually like number three at our university. But it's been fun working through those exercises, and it teaches you a variety of skills. So you learn blue team skills, you learn red team skills, Linux and Windows operating systems you get more familiar with. And it matches, they have it mapped out to the MITRE ATT&CK framework. So it will tell you what this is as far as where it matches in the MITRE ATT&CK framework, if it has a match there. And so you also learn about the MITRE ATT&CK framework as you're working through those exercises.

Neil Smalley:

Right. That's actually one of my favorite parts about it.

Edna Jonsson:

Yeah. So I actually have like a spreadsheet of all of my immersive labs that I've worked through so that I can keep track of because they sometimes will remove boxes from there and you can't see them anymore. Yeah. So I don't want to forget which boxes I've worked through. So I have a spreadsheet that tracks, like I did this one, I did this one. And then I can also see which ones I have left. But I just, I love data. So I put together spreadsheets on all kinds of things. And that's just my quirk. But I like having that information of what I have worked through. So if anybody ever asks me, I can go back and check it out.

Neil Smalley:

So learning all this stuff is a... But at the end of the day, we want jobs, right? So how's the job going?

Edna Jonsson:

I'm still working on it. That's been, I'm trying to do all the right things. So I have watched some popular streamers that are trying to prepare you for jobs. So there's Neil Bridges, there's Jason Blaine, Blanchard. They have great information. Jason Blanchard, I absolutely 100% recommend that if you're looking for a job, watch his stream. He does them on Tuesdays and Fridays and his method works. I'm sure it will work for me eventually, but I'm still working on it.

Neil Smalley:

But you've gotten... you've been able to at least make contacts through his method, right?

Edna Jonsson:

Yes. I am really growing my network, and that's been a nice side effect from working through his method, is that I'm making new friends in cybersecurity. And that's exciting to me because I feel like eventually we will start going to conferences in person and then I will eventually meet these people that I talk to online, and then I'll be able to buy them a drink and say hello and all of those nice things. But just because I haven't gotten a job yet doesn't mean that these connections I have made aren't worth anything. I'm just thrilled to have all these people that are willing to take the time out of their day and talk to me. Absolutely. Yeah. So how about you? Has it been working for you?

Neil Smalley:

To actually have something work, you have to actually engage in something actively. I've been pretty head down on the studying, trying to get through school. So I haven't been doing as much of the job hunt as I probably should.

Edna Jonsson:

You're doing the accelerated studying.

Neil Smalley:

I definitely think it's important to start looking before you graduate, though. It just takes so long to find a job sometimes that it's important to consider that, and it's easier to network while you're still in school. Once you're alumni, I notice it does become a little bit harder to make those connections or keep those connections sometimes. So definitely think about it now while you're senior, before you graduate type of thing. So I'm definitely shifting into full-time job gear.

Edna Jonsson:

Okay, great. Yeah. I'm sure with CCDC too, that's been... you, 'cause you've been studying. Um, I know you study like from morning to night and then you help out, um, teaching your fellow students and, uh, you've been working on the CCDC team. So I'm sure that's been a lot of work by itself. Um, so once you do graduate, what are you hoping to get a job in?

Neil Smalley:

I think it would be really fantastic to get even just like an internship to start out with. So some sort of cyber analyst internship or SOC analyst internship. I've even seen apprenticeship programs where they'll train you up to be entry-level SOC analysts. There's all sorts of possibilities out there. I'm definitely leaning more towards the blue side of things. I think red team things are great, but I'm just not there in my career right now.

Edna Jonsson:

Yeah. There seems to be a lot of hype about red team because that's what... I'm just going to say it looks sexy to people. The idea of breaking into companies and doing a pen test. But I think that's not the majority of the cybersecurity field. So everybody's focused on this small segment when there's so much more that you could be looking at that is very interesting as well.

Neil Smalley:

People say that looking at logs all day is boring. I don't know. I like logs. I probably... like, I would get bored if I did it all day, but I would love to be in that position of being bored of logs.

Edna Jonsson:

Yeah. Yeah. That sounds good. All right. So other than working through boxes and doing all that learning, is there anything else that any reading that you're doing or

Neil Smalley:

Yeah, so I definitely have different projects I work on. I've been doing a lot of learning about PowerShell, how those scripts work and whatnot, whether it's automation of admin tasks or understanding malicious PowerShell script. I attend a lot of webinars and different workshops and whatnot, and so some of them will go over obfuscated PowerShell, for example, and that can be very fascinating, breaking down that end of the... of things. Like, my impression is that you typically would start out like, you have, like, various indicators that there's a problem, and then if you dig down you might find a file, for example, so then, like, dissecting the file, see if it's malicious or whatnot, is a very interesting side effect.

Edna Jonsson:

Yeah, that sounds interesting.

Neil Smalley:

How about yourself? Anything you've been working on on the side in addition to your studies or competition and stuff?

Edna Jonsson:

Well, there's a project that I am starting that I'm putting together the pieces for because I'm going to be making the poor man's bash bunny. So I'm going to make some for my classmates so that they can play around with that.

Neil Smalley:

What is the bash bunny for people who might not know?

Edna Jonsson:

So the Bash Bunny is, it's a tiny tool that... it's a USB that you plug in and it automates tasks. So if you have a USB drive, there's an attack where you spread USB drives in parking lots. So this is something that you can have and drop a battery and somebody else will pick it up and then plug it in to their computer and then you can execute a payload and something bad might happen. So that's kind of what I'm working on, making these USB drives that my classmates can test out.

Neil Smalley:

So basically it auto runs once you plug it in.

Edna Jonsson:

Yes, yes. You don't want to plug it into your computer. Yeah.

Neil Smalley:

Sounds very handy to have in the bag of tricks.

Edna Jonsson:

Yeah. So other than that, I watch a lot of tech TikToks. There's one that I really enjoy. He's got a YouTube channel as well, but it's Crypto the Llama. And so he will do...

Neil Smalley:

Oh, I was just going to say, I don't think I've seen that llama.

Edna Jonsson:

Crypto the Llama. He does fast introductions. So he will tell you in one minute what is Parrot. And all these different technologies and different concepts, he'll tell you in one minute what it is on TikTok. So he's doing a great job of educating people who might not know, who are new to cybersecurity. So I love where people are making cybersecurity accessible to people to learn about. And he does a great job of that. That's pretty cool. Yeah. And so if you're into both tech and TikTok, there is a tech talk community and you can join them on Discord. Um, and they do a lot of like hanging out on the voice channel where you can talk and learn. They have classes that they run in their community. So that's been, yeah.

Neil Smalley:

Speaking of, uh, TikTok, I was, um, I, uh, like reading the 2600, The Hacker Quarterly, and the latest issue has a pretty interesting article where the author goes through and actually reverses TikTok.

Edna Jonsson:

He reverses TikTok?

Neil Smalley:

The app anyway. Oh, okay. It's definitely an interesting deep dive to read through if you have the time.

Edna Jonsson:

Okay. So this is in the latest article?

Neil Smalley:

Yeah, volume 37 number 4.

Edna Jonsson:

Nice. You know, I need to start subscribing to that because as I was taught hacker culture, you go to the bookstore and you buy 2600 with cash in the store, but I think probably due to the pandemic, there's probably other people that have stopped doing that, so I should pick up a subscription.

Neil Smalley:

Plus, you can't beat the convenience of having it mailed to you.

Edna Jonsson:

Yes. Yes, and you won't forget to go pick up an issue.

Neil Smalley:

Or you can get the digital edition. You know, it's not a bad way to do it either. I mean, it won't ever compare to the feeling of having that crispy paper in your hands, but at least you can read it on your phone or whatnot. So I think you had a scholarship you want to talk about?

Edna Jonsson:

Oh, yes. I wanted to mention this because I want to let people know that there is the Raytheon Women's Scholarship. And I'm going to include a link to this in our show notes so that people can find it. But it just opened up on April 1st. And this is for college students. The requirements are you must be a woman. You must be a high school senior, undergraduate graduate, or graduate student, must be a citizen, and you must be pursuing a degree with a cybersecurity or information security focus. This scholarship is going to be for up to $10,000, which I think can make a great deal of difference in some people's lives. So $10,000 that they can use for tuition fees, books, and required electronics. As well as the ISC2 certification education package. So I was looking at this and you could get your CISSP with this.

Neil Smalley:

Wow, that's awesome.

Edna Jonsson:

Yes. So you can take the certification exam of your choice. So I would recommend getting the CISSP exam, but they cover the study material for that, practice exams, you get directed training and your first year's membership fees paid, as well as your exam voucher.

Neil Smalley:

That's incredible.

Edna Jonsson:

It is. So I think women definitely need to be jumping on this scholarship, and that scholarship closes June 1st. So you've got a couple of months. Don't delay.

Neil Smalley:

And a lot of times just even knowing about the scholarships is huge. I know there's lots of ones that I haven't known about and then people have mentioned it and I'm like, oh, that's awesome. So I really appreciate you putting that in the show.

Edna Jonsson:

Absolutely. So thanks for listening to the Security Chipmunks. And remember, if it seems overwhelming, just keep chipping away at it.