The boys who might save your life one day really love fast cars. one of them, a 24-year-old named Mark Davis, drives a turbo-powered black Ford Mustang. Earlier this year, Mark took me for a drive through Tulsa, Okla., where he lives. "Check this out," he said, as we passed a strip mall. He flipped on a Metallica CD, rolled down the windows, pumped up the volume as high as it could go, and revved his engine. A few people standing on the curb staggered back as if they'd been shot. Mark grinned.
"Dude," he said, supremely satisfied by the effect. "That ruled."
Mark could talk about car stuff for hours, but he has other consuming passions. A graduate student in computer science at the University of Tulsa, Mark understands far more about bits and bytes and other aspects of cyberspace than a good number of adults. So do many of his friends at the university, most of whom also have excellent cars, awesome stereos, goatees, piercings and tattoos. The Dudes, as we might call them, have been playing with computers since preschool. They have skills they can use in ways most of us cannot imagine, and that makes them a valuable national asset--assuming they behave themselves.
In another, flusher time, guys like Mark Davis would be preparing for lucrative private-sector careers. But these are not flush times, and it's a foregone conclusion that even the most tech-savvy whiz kid might have to wait a while for serious money. Luckily, the Dudes have other plans. Ready or not, Mark and his friends will soon be working for Uncle Sam. Specifically, they'll be guarding crucial U.S. infrastructures, thanks to a $30.5-million cyber-security program known as Cyber Corps.
Started last fall and funded by the National Science Foundation and the Department of Defense, the program (officially called the Federal Cyber Service: Scholarship for Service) is for juniors, seniors and a handful of graduate students. The deal: complete a degree in cyber security--which involves the study of computer systems, their flaws and techniques to protect them--courtesy of the federal government, in exchange for a two-year commitment to work for the government. Among the many agencies interested in employing them: NASA, the Navy, the Air Force, the FBI, the CIA, the Office of Homeland Security and the National Security Agency.
These are unsettling times in America. Osama bin Laden is MIA. War with Iraq looms. Enemies--invisible, amorphous, ever-threatening--are out there. They can stage an attack anonymously, from a cyber cafe, a cell phone or the privacy of a bedroom. Last year, roughly 85% of American government agencies and corporations reported security breaches.
Anonymous computer criminals, or "black hats," launching cyber attacks such as the Nimda worm and the Melissa virus cost the global economy roughly $10 billion during the first eight months of 2001. With a few learned keystrokes, say security experts, hackers working for themselves, corporate espionage operations, organized crime, hostile governments or terrorist organizations could wreak havoc on the country's critical electronic infrastructure.
On Aug. 16, consultants at a San Diego security firm called ForensicTec Solutions Inc. illustrated this point, announcing that they'd used software widely available on the Internet to enter dozens of confidential military and government computers without permission. Among the files they perused: an Army "smart book," detailing radio encryption techniques; hundreds of personnel records containing Social Security numbers, security clearance levels and credit card numbers; and, in one case, "a [Defense Department] memo naming couriers to carry secret documents and their destinations," according to the Washington Post.
Once an obscure item on the government's agenda, cyber security is now center stage. Securing the cyber infrastructure is paramount to homeland security, says White House cyber czar Richard Clarke, and yet "the government doesn't have anywhere near the number of trained IT personnel it needs." Clarke won't quantify the size of the deficit, but other experts do.
"It's a big black hole," says Alan Paller, director of research at the SANS Institute, a security consortium based in Bethesda, Md. He estimates that more than 100,000 federal employees whose jobs involve computer security have almost no security skills.