Cyber Saturday—Trump’s Hacking Trophy, Huawei’s ‘Backdoors,’ Maersk’s Ransomware Lesson

President Donald Trump signed an executive order on Thursday that aims to strengthen the country’s cybersecurity workforce.

The order laid a number of sorely needed federal initiatives. Among them: standardizing job listings to help cybersecurity workers more easily move around government, creating a rotational employment program between the Department of Homeland Security and other agencies, establishing awards for elementary and secondary school educators who foster cybersecurity talent, and incentivizing people to learn and master hacking skills through new “awards and decorations.”

Perhaps the most interesting part of the document called for a “president’s cup cybersecurity competition.” The goal, the directive states, “shall be to identify, challenge, and reward the United States Government’s best cybersecurity practitioners and teams across offensive and defensive cybersecurity disciplines.” The order mandates that such a contest, intended for both military and civilians, will take place before the end of the year. Winners are set to earn a minimum cash prize of $25,000.

The order won kudos around the Hill. Rep. Bennie G. Thompson (D-MS), chairman of the committee on homeland security, and Rep. Cedric Richmond (D-LA), chairman of the committee’s cybersecurity, infrastructure protection and innovation subcommittee, said in a joint statement that the order “signals the start of a real national effort to grow and diversify the cyber talent pipeline.” Congressman Jim Langevin (D-RI), cofounder and cochair of the congressional cybersecurity caucus, praised the order for recognizing people who “too often [do] unheralded work keeping us safe.”

Games can be a highly effective way to develop, retain, and reward talent. Look no further than another national cybersecurity contest, the 2019 National Collegiate Cyber Defense Competition, for proof. Jake Smith and Daniel Chen, both members of this year’s winning team, interns at Raytheon (a sponsor of the contest), and students at the University of Virginia, said the reason they became interested in cybersecurity in the first place was due to CyberPatriot, another similar contest sponsored by the Air Force Association and aimed at high school-level participants.

“I didn’t know much about cybersecurity before [CyberPatriot], but I found my passion and I definitely want to go work in the industry,” Smith told me soon after wrapping the final tournament match. Contests such as these help people break into the industry by offering hands on experience, he said.

Of course, the government still needs to figure out some of the details for its own cup. It remains to be seen how the contest will handle people who deal in classified areas, for instance, as they are often restricted from participating in such public affairs.

Surely, The Cyber Apprentice’s show-runners will find a solution.

Robert Hackett


Welcome to the Cyber Saturday edition of Data Sheet, Fortune’s daily tech newsletter. Fortune reporter Robert Hackett here. You may reach Robert Hackett via Twitter, Cryptocat, Jabber (see OTR fingerprint on my, PGP encrypted email (see public key on my, Wickr, Signal, or however you (securely) prefer. Feedback welcome.


Unicorn hunters. Companies preparing to go public are required to disclose risks to their businesses. In this context, Slack said in a recent regulatory filing with the Securities and Exchange Commission that it faces threats from “sophisticated organized crime, nation-state, and nation-state supported actors.” Other so-called unicorn tech startups that recently went public, or that are preparing to go public, such as Uber, Lyft, Pinterest, and PagerDuty, warned prospective investors about the potential for “unauthorized access” to their systems. Interestingly, only Slack listed potential adversarial groups, as Motherboard points out.

Close the door behind you. British telecom giant Vodafone found “hidden backdoors” in gear manufactured for Italian consumers and businesses by Huawei, the Chinese telecom equipment maker, Bloomberg reported. Vodafone disputed the characterization of this seeming threat and said the issues had been resolved in 2011 and 2012. Security experts piled on, criticizing Bloomberg for its sensationalist take: the supposed backdoor in question was actually an improperly documented Telnet service, commonly used by technology vendors for debugging and diagnostics. In other semi-related news, British Prime Minister Theresa May has sacked her defense secretary over a belief that he leaked information to the press relating to Britain’s plans for Huawei.

The next Bill Gates? Justin Schulte, a former Central Intelligence Agency computer engineer who was arrested in 2017 for alleged crimes relating to sexual assault, child pornography possession, and leaking national secrets to WikiLeaks, is not taking his detention sitting down. In a court filing, he said he is owed more than $50 billion for “irreparable harm from torture imposed by the Federal Terrorists,” as CyberScoop reports. A taste of his argument: “What if Bill Gates’ life was similarly destroyed by government malfeasance prior to Microsoft?” Schulte wrote. “Would he have been reimbursed the $80 billion he’s worth today?”

If you build it, they will come. The National Institute of Standards and Technology (NIST), creator of a federal cybersecurity framework that serves as a bible for many cybersecurity practitioners, has released a privacy framework. The document lays out how companies can balance business drivers with consumer protection concerns. NIST also published a draft paper on the subject of securing “Internet of Things” devices. And, while we’re on the subject of framework documents, BSA, a tech trade group known as the software alliance, released one covering the development of secure software. These are all meaty documents worth perusing if you’re in the industry.

Hack watch. Hackers appear to have disrupted electrical grid operations in the western U.S. They crept around inside Citrix’s network for six months. They breached a German Internet infrastructure company that works with big companies like Oracle, Airbus, and Volkswagen. And they have been holding Github repositories ransom.

Baby beluga in the deep blue sea of Norway.

Share today’s Cyber Saturday with a friend:

Looking for previous Data Sheets? Click here


Shape up, or ship out. At a cybersecurity conference hosted by the National Cyber Security Centre in the UK, Lewis Woodcock, an executive at the Danish shipping giant A.P. Moller-Maersk, recounted what happened when the company succumbed to “NotPetya,” a crippling ransomware attack, in June 2017. An important lesson for company’s planning a cybersecurity strategy, he said, per ZDNet’s report, was that a data recovery plan is just as important as having defenses in place.

The extent of the cyberattack was so bad that it just didn’t seem possible that something so destructive could have happened so quickly.

“I remember that morning–laptops were sporadically restarting and it didn’t appear to be a cyberattack at the time but very quickly the true impact became apparent,” said Lewis Woodcock, head of cybersecurity compliance at Moller-Maersk, the world’s largest container shipping firm.


Flash of a neuralyzer. In the coming weeks, Google will offer auto-delete controls for people’s location history and web and app activity data. The company already offered an “on/off” toggle for this collection. Now people will be able to set a time limit–three or 18 months–after which the company will automatically wipe the details from its memory. “You should always be able to manage your data in a way that works best for you–and we’re committed to giving you the best controls to make that happen,” Google said in a blog post.