AUSTIN, Texas — When was the last time you had to get a new credit card because someone hacked it? It's frustrating when criminals find a way to steal something you own. There are Austin interns who have been hacking into products this summer so criminals can't.
IBM has an office in Austin that includes the headquarters for the company's X-Force Red, which is made up of what some call "ethical hackers." IBM's hackers are hired by companies to break into their buildings and networks so they can find and fix their security issues before criminals are able to.
It's a program IBM decided to allow interns like Michael Mitchell – who is about to be a senior at the University of West Florida – to be a part of. As a cybersecurity major, working for IBM's X-Force Red team is exactly what he wanted to do.
"Putting papers into a filing cabinet, you can do that anywhere," Mitchell said. "Being able to leave a university that can only teach you so much and then go to the bleeding edge of an industry and get to experience that firsthand is a unique experience."
This group will break into many types of things, ranging from actual safes to websites to business identification card readers. Daniel Crowley is the research baron for X-Force Red, assigning products and budgets for the other members. Figuring how things work and hacking into them started as a hobby for Crowley before he turned it into a career.
"It's about really getting your hands dirty," Crowley said. "It's about really coming to understand how things work. We can be there to find those problems and get them fixed before a crime can happen."
Anna Zeng is another intern who said her approach to fixing problems has changed since coming to IBM.
"What are the things that I can think of to create to solve problems?" Zeng said, speaking to how she used to think. "Now I think about what is already out there in the world right now that already exists. I want to know how I can understand it to see how it's being used incorrectly or to find places where I can potentially break in."
Charles Henderson is the global managing partner and head of X-Force Red. He said X-Force Red has grown into something much bigger than anticipated.
"This started three years ago with four people," Henderson said. "We now have 200 people globally. We are the devil's advocate for security. People hire us to make things break."
It's also not just about discovering problems; it's about finding answers as well.
"We don't want to tell the world, 'Hey, you're vulnerable to this attack and there's nothing you can do – goodbye, good luck,'" Henderson said. "We want them to be able to fix it."
Joining the team is not as easy as Henderson said IBM has to make sure it is something they can trust to get the job done and use the gained information to help the companies.
"We know most of the people we bring in for a substantial amount of time before we bring them in," Henderson said. "Our entire industry is built on trust as well as capability."
Henderson also said there is a lot of pressure to get the job done since the next person to do so could have bad intentions.
"Criminals only care about the target itself," Henderson said. "If we service a client, miss something and then a criminal finds it, that's a very bad outcome."
IBM also publishes the issues its team finds in order to help people and companies who might have similar products or networks. Hannah Robbins is about to be a senior at the University of Tulsa, majoring in computer science. She actually interned with X-Force Red last summer and was able to write up a report on some security issues she found for a company.
"There's this feeling of realizing that you've made a company and a product more secure," Robbins said. "Being able to work with other people on your team really gives you the ability to find all the different vulnerabilities in a product."
Each of the interns had a vulnerability research project this summer that they will all present Wednesday to Henderson and the X-Force Red Team.
PEOPLE ARE ALSO READING: