Background Image
Previous Page  4 / 24 Next Page
Information
Show Menu
Previous Page 4 / 24 Next Page
Page Background

4 MATHS AND SCIENCES

Arkwright Scholarships

This academic year we have three

new Arkwright Scholars: Anwar

Jouhary (L6N), Simone Luis (L6W),

and Hasha Dar (L6N). They will

receive their awards in November

at a ceremony to be held at the IET

in Savoy place.

The Arkwright Scholarship Trust’s mission

statement is “We identify, inspire and

nurture future leaders in engineering,

computing & technical design.” The award

process starts with an aptitude test early

in the spring term of the candidates’ fifth

year. Candidates who pass this aptitude

test are then invited to interview around

Easter time. Those who are selected at

interview are sponsored by companies

or charities for the duration of the Sixth

Form. The award is a prestigious addition

to the scholars’ CVs and is worth £300 for

each year of the scholarship. Sponsoring

companies often invite their scholars to

visit their companies.

Matthew Wood, U6S is a current holder

of an Arkwright Scholarship. During the

summer holidays he attended a course

to which he was invited by his Arkwright

Sponsors (GCHQ).

The CyberFirst Advanced course is a

five-day residential course held at a

small number of universities. The course is

organised by NCSC (National Cyber Security

Centre), QA (a professional IT training

company) and The Smallpeice Trust (a

charity promoting careers in engineering).

This means the course addressed real

world security issues that would have been

presented to IT professionals.

The first day entailed open source

intelligence, which is the collection of

data from public sources used to gain

information about an individual or an

organisation. We started off by finding out

as much about each other as we could,

simply by their name and what they looked

like. We were told about the AOL data

breach in 2006 and the problems it caused.

We were also shown how DNS lookups

worked to help us show which website

belonged to which domain and how to

use websites such as

‘who.is

’ to discover

counterfeit websites wanting to steal

information. We were shown how to use

the robots.txt of a domain to find hidden

websites and how to reverse image search

pictures to find where they were from and

finding the geolocation tags of pictures

to find where they were taken. So much

personal information can be found solely

from a picture uploaded online; luckily

most pictures have the geotag removed

when uploaded.

The next day we were taught about

the work of penetration testers. I had

access to an operating system called

Kali Linux, which is used by Advanced

Penetration testers. To introduce

us to penetration testing, we were shown

a route on how to get into Windows 7

computers without a login; this

route took time, but was possible.

Luckily this bypass has long since been

patched. Next we were taught how to

scan machines on Kali Linux to check

information such as boot times. This

is useful for ‘hackers’ to find out when

people are active on their machines. We

were then shown the endless number of

ways to crack passwords. We were shown

how Metasploit could be used to create

a malicious payload to gain access and

control computers remotely. We learnt

how SQL injections worked by causing

syntax errors. This allowed us access to

the backend SQL server and gain more

information than intended, however this

could be simply solved by changing the

security of a website. We were also shown

how to Heartbleed: the process of sending

large text files and receiving the dumped

RAM of the server back.

Thirdly we learnt about encryption and

were introduced to different ways of

encryption such as the one time pad,

which is one of the most secure ways

of hiding information. We were shown

a demonstration of the Enigma, and its

history during and prior to WWII. We then

were taught how to use Wireshark,

a piece of software which allows us to

look at the traffic of networks. I learnt

about steganography, the act where

images or text documents could be hidden

in other images.

Our final subject was digital forensics; the

recovery and discovery of information

hidden in files, ranging from deleted folders

to broken hard drives. They introduced

this to us by getting us to change the text

documents to different file types and to

observe the encoding changes. We file

carved files to find hidden or deleted text

documents or pictures within other files.

It showed me how information could be

recovered from deleted data even after it

was removed from the recycle bin.

On the last day we played a team game

using our knowledge of everything on the

course to help us gain information about

a made-up situation. We both worked as a

team and used our individual skills to help

us win as a group.

Numerous lectures were presented

throughout the course, from cybersecurity

specialists such as; the different jobs that

are involved in cybersecurity, the evolving

world of IT and how to protect yourself

from cyberattacks. In the evenings we had

different events, a movie night, a laser

quest night and a pizza night.

Overall I thoroughly enjoyed the course

meeting a number of like-minded people

from across the country, and I would highly

recommend it to anyone interested in

computer science or cybersecurity.

1 2 3 4 5 6 7 8 9 10 11 12 24  FlippingBook