Today we're looking at Chenny's story.
How did you get started in cybersecurity? When did you first become interested in hacking?
I showed strong interest in technology ever since I was very young. My parents bought our family computer when I was 3 years old in 1998. Thanks to that, I grew up with technology and computer in hands. My first hack is related to a single player role-play game - The Legend of Sword and Fairy. It was first released in 1995 running on windows DOS and the series has been regarded as one of the most iconic Chinese RPG series ever made now.
There were many mazes, challenges and combats in the game. In order to move on with the storyline, you need to spend hours level up. I was so curious about the story but got stuck with every BOSS-fight.
Then I wondered if there were any easier way to bypass the ‘BOSS’ and move to next level, or if I could easily get some equipments without truly spending more than 10 hours in the maze to dig and find it. After doing some research on the internet, I found someone else developed a ‘cheating’ software to run and modify the game. (like the bot or plugin cheater for games these days).
So I run the software and changed the game settings. That was my first hack at the age of 8 (maybe doesn’t even count as a hack, and it is indeed very dangerous to run unknown developers’ software ! )
I was so fascinated by this ‘Magic’ and then started my hacking exploring journey on the internet. It was also because of a game – Hacknet which brings me officially into the cybersecurity area. Before that, hacking was just my own interest and hobby. I never thought one day I could work as an ethical hacker ! (just like a dream).
My major was mathematics and Economics for the bachelor degree and I was planning to get into the financial industry when I graduated. (Since many people say financial industry is profitable haha ) However, the game totally changed my mind and made myself dare to follow my heart to do something I really like instead of doing what other people say.
What skills do you think are important to be successful in cybersecurity?
Curiosity and passion! Without the two things, things in the cyber world will be tough and boring. Then read more articles and do hands-on practice. CTF is a good practice for improving skills
Although things are starting to change, IT has traditionally been a male-dominated field. Do you think more needs to be done to encourage more women into the industry? How do you think the industry can encourage more women to pursue cybersecurity?
The cybersecurity industry is a male-dominated one. But the problem isn’t that there are too many men in the industry, but rather that there are not enough women. Encourage more women into this field will bring benefits to gender-balanced infosec teams including:
- Helping to bring different perspectives to the table
- Changing the status quo to improve internal and external perceptions
- Providing learning and growth opportunities
I think organizations should motivate and help women who are starting out in their cybersecurity careers. Learning about what challenges women may face and being armed with potential solutions can make entering and staying in the cybersecurity industry more manageable.
What types of resources have you found most useful for learning security? (Videos, courses, blogs, qualifications)
- Courses – Pentester Academy , Offensive Security
- Ethical Hacking articles https://www.hackingarticles.in/
If you want to learn theoretical concepts, EC-council will be a good option
Offensive Security – always the best place to get hands on practice and exam. The certifications are tough to get but definitely worth it !
SANS – GPEN, GIAC (I personally prefer Offsec certs)