When you connect to the Internet, the Internet connects to you! Though the United States is over 9,000 miles from Australia, it is only two tenths of a second away on the Internet. In less than the blink of an eye, malicious actors can reach out from anywhere in the world and rapidly hack a computer. For example, it takes as little as four minutes for an unpatched Windows computer on the Internet to be hacked. Because computers and computer networks are ever-present in our homes, businesses, utilities, transportation, telecommunications, military, and government they impact all levels of our society from personal to national significance. This makes the digital domain of cyberspace an essential environment to work in despite the risks.
There are many types of activities in cyberspace that can be used by one actor to gain economic, political, or military advantage over another or prevent others from gaining these advantages. Complex and always changing, activities are typically grouped into those that attack, defend, or exploit computers, computer networks, or the information within them. Attack activities disrupt, deny, degrade, or destroy the information within computers or the computers and networks themselves. Defend activities protect, monitor, analyze, detect and respond to network intrusions that would compromise or cripple computer networks. Exploit activities include enabling actions and intelligence collection of data from computer networks.
Praxis Engineering has been supporting our nation’s cyber mission across the attack/defend/exploit space for over twenty years. In 2016, with the rising potential of the Internet of Things (IoT) to benefit consumer, commercial, industrial, and infrastructure markets, we set up an IoT lab to conduct open, collaborative research and development, security and assurance testing, and specialized training such as soldering classes. Employees are encouraged to use it as a testbed for experimentation. In our Cyber Research Lab (CRL), Praxis teaches employees how to analyze firmware for vulnerabilities using software reverse engineering tools such as Ghidra. We created several examples and encourage students to develop proof-of-concepts against vulnerable code. Praxis prides itself on growing staff experiences through activities like mission-relevant internships. For example, Praxis engineers designed and built an experimental IoT network for our summer interns to use as they apply their knowledge from the CRL course to find vulnerable devices, try to exploit them, and learn attack/defend strategies.
To learn more about Praxis Engineering Technologies please visit www.praxiseng.com.
