CEDARVILLE – In a world where we rely heavily on computers in our daily lives, hackers and others launching cyberattacks have the potential to cause increasing damage. But hackers aren’t always the bad guys – good hackers are also needed to find vulnerabilities and fix them before they’re used to cause damage.
Ben Sprague is one of those fine hackers, and as Cedarville University’s Hacker-in-Residence for the Spring 2022 semester, he hopes to train student hackers to use their skills to protect others from cyberattacks.
Sprague graduated from Cedarville with a Bachelor of Science in Computer Science in 2006 and was one of six first-year graduates from the program. Since graduating, he has worked in the Cincinnati area government and defense industries. In addition to this work, he provides cybersecurity services for Christian ministries.
“It’s prohibitively expensive for churches and government departments to hire penetration testers — people you give permission to probe your network and find vulnerabilities before the bad guys do,” said Dr. Seth Hamman, director and associate professor of cyberoperations and computer science at Cedarville.
Sprague said he has helped mission organizations find and fix vulnerabilities in their networks that may have been exploited by “bad actors,” a term used by the industry for computer programmers intent on causing harm, not to help. By hacking their systems, Sprague also shows them warning signs that their network is under attack.
“The goal is to teach defenders how to defend,” Sprague said. “You have to be an authentic and good attacker to do that.”
Sprague officially holds the title of Visiting Professor and Fellow at Cedarville’s Center for the Advancement of Cybersecurity. He will teach a junior and senior class on the basics of ethical hacking and help out on another class. On March 30th at 4:00 p.m. he will be delivering a cryptocurrency seminar where students can trade a blockchain-based currency that Sprague has developed for a hands-on learning experience.
He also helps a high-level design team build a “leave behind device,” a small disguised computer designed to be surreptitiously plugged into a network to allow unauthorized remote access. The goal is that after companies see the capabilities of the device, they will be more cautious about the devices they are allowed to connect to their networks.
“The ability to push the boundaries of defense requires you to understand offense,” Sprague said. “A computer programmer has to be aware of security so he doesn’t do vulnerable things in the first place.”
Hamman said, “Through years of diligent effort, Ben has developed an elite level of skill. In the world of cyber operations, it fills a very valuable niche – the deeply technical ability to find and exploit vulnerabilities.”
Sprague added that in addition to a strong cybersecurity program, Cedarville offers a unique environment to teach hacking skills.
“The core of ethical behavior that’s already built into our program fits well in the area of teaching people how to do dangerous things,” he said. “It would be really scary teaching students how to attack computer systems if they weren’t also trusted to be ethical in their approach.”
Submitted photo Dr. Seth Hamman, director and associate professor of cyberoperations at Cedarville University, works with students at Cedarville’s cybersecurity computer bay.