CHICAGO (Tribune News Service) — The room looked like something you'd see in Palo Alto or Mountain View: pizza boxes strewn across a table at one end, young people clustered around computer screens at the other, working in near silence except for the occasional mumble or electronic bleep.
They were York High School students searching for viruses, malware, backdoors, password crackers and other Internet terrors on simulated computer networks. After scanning the contents of one folder, Amelia O'Halloran spotted an ominous file.
"Keystroke logger?" she said.
"That's bad," replied Alaina Bottens.
Their discovery came in the opening minutes of the CyberPatriot competition, in which students aim to lock down virtual computer networks from the threat of hackers and rogue agents. The team from York High in Elmhurst finished first in Illinois last year, and this year hopes to make it all the way to the national finals in Baltimore.
The contest is meant to interest young students in the booming and talent-hungry field of cybersecurity, where tens of thousands of U.S. jobs go unfilled each year despite a median salary of $88,000. As high-profile hacks proliferate, some say that schools, government and industry all need to do more to attract young talent.
"When you think about the 'Internet of things,' where cars and homes are connected, we're going to see an explosion of need (for security workers)," said Michael Kaiser of the National Cyber Security Alliance, an organization that promotes online safety. "We can't grow the Internet if we don't have the people to keep it secure."
The Air Force Association, a nonprofit organization that promotes technical education as a way to enhance national security, started the CyberPatriot contest seven years ago. Retired Air Force brigadier general Bernie Skoch said participation has shot up from eight teams during the first competition to nearly 3,400 teams this year.
They include middle schools, high schools and Junior Reserve Officer Training Corps units, Skoch said. They're given 10 instruction modules that include lessons on ethical online behavior as well as technical skills, and then the competitions begin.
The students are given access to simulated computer networks they must secure against attacks. When they do something right — say, establish a policy that requires sufficiently complicated passwords — a video game-style chime sounds.
But they aren't told when they overlook something, a practice meant to mimic real world conditions, Skoch said.
"We do not release the specific vulnerabilities, just like the SATs won't tell you which questions you missed," he said. "We don't want them developing a checklist mentality. We want them to learn analytical problem-solving as a team."
CyberPatriot is just one of many security contests meant to interest students in the field, and for those who do catch the bug, college programs are proliferating. The University of Illinois at Urbana-Champaign has one that offers scholarships which students pay back with two years of government service.
Roy Campbell, a U. of I. computer science professor who leads the Illinois Cyber Security Scholars Program, said not all of its students come from the engineering school — the program is also open to those seeking law degrees.
"We have a litigious society, and whenever you get involved in looking for criminals and hackers, you must be careful you don't overstep the laws of the land," Campbell said. "You have to know the limits for what you can and can't do."
Kaiser said that's a sign of the varied demands of the cybersecurity industry.
"The technical piece can be taught," he said. "We want people who are excellent communicators, who can talk about what's going on in a system. We want problem-solvers, collaborators. Musicians actually make great professionals because they can see patterns. It's a mistake to think it's only a technical field."
But the York teens are, for the most part, a technically minded group. They created their team last year in the absence of a school coding club, and when they couldn't find an in-house adviser, joined up with Elmhurst College computer specialist Dean Jensen.
They meet at the college on weekends for practice and contests, and one recent Sunday were huddled around a conference table, their laptops aglow as they carved up responsibilities for the upcoming competition.
"It's kind of like a puzzle," said Bottens, a 16-year-old junior who co-founded the team. "You have to find all the different parts. It's most fun if there's an attack on the computer, like a back door or a really big vulnerability that has multiple aspects to it, and you have to go through all the different layers of the computer to find it."
Lisa O'Halloran, Amelia O'Halloran's mother, said her daughter's involvement in the competition has rubbed off on the entire family, encouraging them to avoid downloads from sketchy websites.
"Here they learn a lot about ethics, and how (flouting) the ethics actually damages your computer," she said. "(Amelia) is more strict about that. And when my computer runs slow, she can fix it. She's our tech guy."
Last weekend's contest was a state-level competition pitting the team against others in Illinois. The official results likely won't be in until Monday, but Jensen was optimistic that York's showing was good enough to get them to the regional round later this month. The top three finishers there will win a trip to April's national finals.
Jensen said the York team aspires to reach the nationals this year, and perhaps win it all next year. Regardless of the results, he said the teens are already absorbing lessons from the competition.
"These kids are vastly beyond where the general public is," he said. "You'll look at the studies that come out, and it defies logic that people still use passwords that are '123456' or 'password,' and they think it's perfectly acceptable. These kids would never do that."
©2016 the Chicago Tribune
Visit the Chicago Tribune at www.chicagotribune.com
Distributed by Tribune Content Agency, LLC.