How to Become a Hacker for the Military?

How to Become a Hacker for the Military?

Do you want to work with a hacker? While the answer is usually a resounding “no” for many organizations, the Defense Department’s Cyber Crime Center Vulnerability Disclosure Program welcomes hackers and has been partnering with them for nearly four years. Of course, I’m talking about ethical hackers, also referred to as “white hat” hackers. Ethical hackers contribute to security as well as society in many ways. They tirelessly look for system vulnerabilities. Once identified, the required patch will be released before a black hat can abuse them. By eliminating potential flaws, ethical hackers not only save organizations from monetary losses but ensure that the customers and stakeholders won’t suffer the exploitation of data privacy.

How does one become a hacker?

Install any operating system based on *nix family. (Delete windows, either it is genuine or not, it doesn’t matter)

First, it's not easy to be a hacker or security expert.

It's a long process and hard work of lots of years, it won’t come in just one night or one day or one month or even one year.

One must be a very passionate, curious and hard worker.

  1. Learn to use Linux or Unix using Command-line Interface only (no GUI as there is no learning in GUI, if need GUI then use windows) and then after doing a lots of practice, learn Linux system administration.

  2. Learn shell and python scripting language (useful in developing security tools and automating tasks)

  3. Learn computer networking, Linux Networking Concepts which includes Wireless networking, protocols, OS/TCP-IP stack, IPTABLES, IDS/IPS, etc.

  4. Learn NMAP Scripting Engine & Pentesting Tools (NMAP, Wireshark, aircrack suite etc.) and security framework 'Metasploit' and do lots of practice.

  5. Try to get your hands dirty in Kali Linux but please, don’t limit yourself to only Kali Linux (because you can also do that with every distro of Linux family)

  6. Learn server security hardening or learn to protect your servers, in other words, *nix security administration.

  7. Must learn Programming languages like C/C++, ARM/x86/x64 assembly language, which helps in development (code and memory optimization), shellcode development, reversing malware, software and also in software exploitation).

  8. Learn about socket programming in Python and C, both. It would be helpful in the development of backdoors and shellcodes.

  9. Learn about operating system concepts, about Linux and BSDs and their security implementation on OS to make them secure.

  10. Learn kernel programming which includes driver development from both, theoretical and practical point of view.

It would be little difficult to learn kernel programming as it requires one to be proficient in C, *nix system engineering (user-space development), some assembly language and all other operating system concepts.

In kernel programming one will learn more about the internals of os and kernel like how everything inside the kernel works.

Note:

  1. Whatever stuff I have written here is more focussed on System and Network Security.

  2. Please don't take it so easy,it requires a lot of hard work to be an independent security expert.

  3. Do lots of research (or re-search on google) and learn by own. Don’t depend or wait for someone to teach or spoon-feed. Everyone is busy and struggling with their own problems in life.

  4. Do a lot of practice on each and every point that mentioned above by setting up the virtual labs or in dockers or some sort of hardware, whatever suits.

  5. Learn and read a lot of security technical books and also practice them a lot because technical books are not novels.

This post doesn’t cover mobile pentesting (user-space) and web pentesting. I am not the right person for web or on mobile pentesting yet but still mentioning some; like learning web development languages, learn about OWASP and also web-based attacks and try HackerOne or Bugcrowd to practice etc.)

For mobile pentesting like app reversing etc. one can proceed after learning the points mentioned above.

Requirements:

  1. Google.

  2. Curious Mind.

  3. Patience .

  4. Eagerness to Learn.

  5. Constant and continous learning.

Never Stop Learning!!

Think Like a Hacker

While the first use of the term appears to date from a 1995 Computerworld interview with an IBM technologist, ethical hacking has been around since the early days of computing, according to an IBM Systems Journal article by Charles C. Palmer.

"Just as in sports or warfare, knowledge of the skills and techniques of your opponent is vital to your success," writes Palmer, who worked with IBM Global Services to start IBM's ethical hacking practice. "Ethical hackers have to know the techniques of the criminal hackers, how their activities might be detected and how to stop them.

Far from being reformed hackers with criminal histories, ethical hackers, in fact, pledge not to break the law or steal information. "The Certified Ethical Hacker certification is designed to help people to determine who is trustworthy and who is not," says Craig Bogdon, senior network engineer at Sage InfoSec, who earned the CEH credential.

Hacker Training

The military does not require you to have a degree in computer science to enter a military job related to hacking. Let’s return to our Army example and review the training a new recruit can expect to get if they are approved to become an Army Cyber Operations Specialist.

The first expectation is that all troops must pass the initial training phase as an officer or an enlisted recruit. New recruits without college degrees entering the U.S. Army as enlisted soldiers who want to become Cyber Operations Specialists will attend 10 weeks of Basic Combat Training and two Advanced Individual Training phases.

Systems and certifications that may be offered via training programs in the Army can result in the recruit being qualified on the following:

  1. CompTIA A+

  2. CompTIA Network+

  3. CompTIA Security+

  4. Certified Ethical Hacker (CEH)

  5. Certified Information Systems Security Professional (CISSP)

  6. CISCO Certified Networking Associate (CCNA)

As you can see, there is an industry-standard Certified Ethical Hacker credential possible, as well as training/certifications for routers, network issues, and much more.

Who Qualifies For These Military Hacker Jobs?

Each branch of military service has its own requirements for cyber security jobs like the one we’ve been reviewing above. For the particular Army job seen here, there is a minimum ASVAB score requirement in the following areas:

  1. General Technical (GT): 110

  2. Skilled Technical (ST): 112

Again, each branch of military service has its own unique requirements. For example, the Air Force’s Cyber Systems Operations job (which may or may not be similar to the Army equivalent mentioned above) for enlisted troops has only a general ASVAB requirement compared to the Army job above. The minimum qualifications for this Air Force hacker-type military career includes:

  1. High school diploma, GED with 15 college credits, or GED

  2. “Knowledge of cyber system elements”

  3. Completion of an “Initial Skills” course

  4. Completion of a current Single Scope Background Investigation (SSBI)

  5. Completion of 8.5 weeks of Basic Military Training

  6. Must be between the ages of 17 and 39

How To Find A Military Hacker Job

The recruiting office is the place to get the most up-to-date information about job openings in military cyber operations, white hat military hacking, etc. However, if you are looking for general information (as opposed to what the current vacancies might be) you can search the official sites for all branches of military service.

Be sure to use key phrases like “Enlisted White Hat Hacker” or “U.S. Military ethical hacker job” as search terms and don’t forget that the Department of Defense uses the term “cyber” a lot when describing hacker jobs, missions, organizations, etc. You can also look up the organizations responsible for military computer operations and related missions such as:

  1. S. Fleet Cyber Command

  2. Marine Forces Cyberspace Command

  3. Air Force Cyber Command

  4. U.S. Space Force

  5. U.S. Army Cyber Command

How To Apply For A Military Hacker Job

The first thing to remember is that if you have skills that meet the job description, you should mention them to the recruiter–you will want to have a conversation with a recruiter from more than one branch of the military so you can compare job descriptions (most military branches use the term “cyber” as a keyword for military hacker jobs), education and training requirements, etc.

Hacking is a tricky skill since many of the options you have to learn aren’t always “white hat” choices. Remember that a recruiter is obligated to ask you about past run-ins with the law no matter how minor they may seem.

If you have a past that is not troubled by legal run-ins (especially those based around your hacking skills) you will have an easier time with the recruiting process but don’t assume that you do NOT qualify–let a recruiter determine if a past legal issue is a true barrier to enlistment or if it simply requires the request for a waiver (which IS possible depending on circumstances).

Getting a military job that requires or trains troops to use hacking skills requires you to speak to a recruiter, consider your basic training options, and much more. It’s good to research your career interests first before talking to a recruiter.

If you are firm in your commitment to a specific type of career field, you will have a better time in the recruiting process than someone who hasn’t made up their mind yet. And if you are committed to a certain path, be up front about that when talking to any recruiter from any branch of service. It will save you a great deal of time.

Joe Wallace is a 13-year veteran of the United States Air Force and a former reporter for Air Force Television News

Read More