Cybersecurity firm trains students for high-tech heroics

Published 21 April 2017

With newscasts regularly portraying a menacing picture of cybercrime, Indiana State University Professor Bill Mackey — and the students he teaches — is almost guaranteed job security.

Perhaps the biggest news story this spring involves the Russians, the Democratic National Committee and, possibly, the Trump White House. It also involves exactly the focus of Mackey and his cyber security company, Alloy.

A Russian cyber security team, part of the Kremlin … basically phished John Podesta’s (former chairman of Hillary Clinton’s presidential campaign) email,” Mackey said. “It was a fake email, trying to get somebody to click on it. It looked like a Google email, saying somebody is trying to access your account, you need to change your password immediately, click here to change your password.”

Podesta did take the time to show the campaign’s IT experts the email because something didn’t look quite right.

So the IT guy sends an email back saying, ‘This is a legitimate email.’ But the IT guy, he committed a typo. What he meant to write was, ‘This is not a legitimate email.’ To his credit, it appears that he told Podesta to go through official Google channels to change his password, but he used the phishing link instead.

That’s how Russia gained access to all of the Democratic National Committee files, gave them to Wikileaks, who then distributed them,” said Mackey, a 2012 graduate of Indiana State.

Indiana State says that preventing the human missteps is exactly what Mackey’s enterprise does that’s different from almost everyone else: They marry the technological part (the computer-code breaking) with the human element for a mixture of tech and cybercriminology.

That human element is what we focus on,” Mackey said. “There’s still plenty of people out there writing code, but the vast amount of hacking now takes place through the human element.”

Like the human mistake made by Podesta and his associate, when Mackey is hired by a business that wants better cyber protection, he looks for the weakest link — human beings.

Beginning in the 1990s, the defense against cyber attacks began to grow, he said. Big cyber walls got put up making most systems pretty safe, particularly banks and other financial institutions.

You can break into those systems, but it’s tough, and it takes time and the chances of getting caught are a lot higher,” Mackey said.