Learn to think like a hacker

Learn to think like a hacker

La Trobe’s Adjunct Professor of Cybersecurity, Michael Fieldhouse, is an authority in cybercrime. He is the Director of Emerging Businesses and Cybersecurity at DXC Technology and a leading advisor on large-scale corporate and government cybersecurity strategies in Australia.

Michael spoke with us about the prevalence of cybercrime, the skills cybersecurity graduates need to combat it, and how getting inside the mind of a hacker is great way to train.

Be your own chief security officer

It’s probably time to stop thinking that cybercrime won’t happen to you. With an estimated value of $400 billion – on par with the global narcotics industry – the global cybercrime industry offers criminals a chance to make serious money. And the odds are definitely in favour of the attackers.

“There was a statistic just recently about 450 pieces of malware being released each day. It’s just absolutely enormous, the scale of things,” Michael says.

Cybercrime is also simple to set up. The combination of low entry point and a high value payoff adds to its allure for criminals.

“For example, what we call ‘whale phishing’, which is going after somebody who has an identity, like an executive or somebody who’s quite prominent, can earn a hacker $30,000.”

Cybercrime’s vast reach and strong profit incentive makes now the right time to take control of your own information. According to Michael, cyber safety is our collective responsibility – we all need to actively protect our online selves.

“We need to be vigilant about what we do, how we protect our own livelihood and digital assets. That helps the agencies to help us as well, because they’re not dealing with the volume.”

Protecting your information starts with thinking about what things are public and what are private, then putting some simple security in place. This kind of analysis is the basis of critical thinking – something Michael looks for in new cybersecurity hires.

Top skills for cybersecurity talent – and how to get them

According to Michael, cybersecurity staff need two key skills: critical thinking and collaboration. The ability to both think through problems and work with others to solve them is essential to preventing and defending cyberattacks.

“It’s not about you, as much as how you work together as a team and build those relationships where you can get the most diverse set of people looking at a problem. Because that’s actually the best way to solve the problem,” he says.

One way to develop these skills is to think like a hacker. Although their activities are illegal, hackers have a finely honed understanding of computer networks, systems and online behaviour. By exploring systems and processes through a hacker’s eyes, cybersecurity experts can identify weaknesses and threats, and begin to imagine how hackers might attack.

Developing that mind process is crucial, Michael says, because cyberattacks always start at the weakest point.

“Hackers are always looking for vulnerabilities. They’re patient, they’re methodical and they’ll work through the problem. And they’re always looking for ways to collaborate as well,” Michael says.

“The mind of a hacker wouldn’t really go after a board member at his company, because that might be the most secure point. They’d end up going for him at his charity, because that’s probably got the least amount of security. So how do you actually get to him there? That’s what they think through.”

Once you know a system’s vulnerability you can build more effective defences to cybercrime. You can also develop better contingency plans to recover from cyberattacks.

“That kind of critical thinking, almost from the dark side of it, gives you the ability to be on the light side of it, and actually start saying: ‘Well, if they did this, this is how I would do it.’”

Who’d have thought learning from the net’s shadow self could teach you so much?

Develop a hacker’s mindset with La Trobe University’s Master of Cybersecurity to become an in-demand specialist in a rapidly growing field.