At the age of 13, Dhruv Maheshwari became the youngest CISCO certified cyber ops associate in the world. A year later he became the youngest person in the world to be become an eLearnSecurity Junior Penetration Tester at just 14 years of age.
He has appeared on TV to talk about his love of all things cyber after being invited on to Dawn French’s Little Big Shots and Live at Five on STV. Now he has kindly provided this exclusive guest blog for us, to help inspire other young people to develop the right digital skills to pursue a career in cyber security.
How did your passion for all things cyber start?
I remember that day like it was yesterday. My dad’s phone was buzzing like crazy. People were mainly calling to give him money as he had ‘asked’ for money through his Facebook account. Naturally, my dad was gobsmacked and denied asking any money.
He logged in to his account and found messages that he had not typed being sent to his friends. He shouted my name as I was the only tech savvy person around at the moment. He explained the situation and I immediately told him to change his password. This worked and locked out the hacker. It was my very first experience with the fascinating world of cyber security.
My mum also has a PhD in computer science so I guess the nerdy gene runs through the family. I used to use my mum’s old laptop from a very young age and with that I began learning all about the world of computers. Nothing too advanced given that I was nine, but I was always fascinated by it.
Why do you love cybers security so much?
I am very passionate about cyber security because it is an expanding field that takes years of dedication and consistent practice to become an elite penetration tester.
Another reason is the fact that it is an insanely fast moving area: new research is being conducted every day, new vulnerabilities are being discovered, new exploits being developed. It is important to remember that every hour of every day real life people get hacked, real life people get hurt, and real life people could have prevented these hacks.
Just helping other people through this work is enough to make me love it.
Is the school supportive and helping you learn the right skills for a career in cyber security?
My school knows that I have been interested in the cyber security. They have guided me to Cyber Start Games and they highlighted the fact there are graduate apprenticeships available in cyber security, and I’m definitely going to follow that path, as an apprenticeship offers a great opportunity to earn while you learn.
But I do the majority of my learning outside of school. For example, I ordered books on data science and studied them, after which I applied it to cyber security by writing python codes to better understand hashes with the use of Bedford’s law. That was just me and my friend just playing about with data science and cyber security. I am keen to learn more on the subject and update my knowledge on cyber security regularly.
"every hour of every day real life people get hacked, real life people get hurt, and real life people could have prevented these hacks"
Where do you see yourself career wise in the future?
Within 10 -15 years, I hope to be a cyber security researcher. Honestly, I’m not too sure how I will reach there but I do know the best way to get somewhere is to start. So I just keep learning and finding stuff I enjoy. I also have no doubt my graduate apprenticeship in cyber security will stand me in good stead. I want to be a cyber security researcher because the main threats we will face in the future are cyber security issues, like we are already seeing now. And also, finding new, better ways to hack programs and making malware sounds like a lot of fun!
What advice would you give other young people looking to break into cyber security?
The main advice I would give to people wanting to start in the security field is start small. I know it sounds cliché but it is true. I started by simply changing my dad’s passwords. Persistence is key. Some Capture The Flags (CTFs) get difficult and the only way to get the flags is with consistent hard work. I would say that programming is a very important digital skill that you will need. When trying to be an elite pen tester, writing scripts is a very powerful tool in your arsenal. Another important digital skill is learning how to google properly and effectively. There is so much that I don’t know, but whenever I don’t understand anything, I use google to search information on hacking blogs and general computing blogs. They are super useful.
I use a whole range of tools whenever I’m trying to do a CTF or cyber security challenge. I use Nmap, Dirb, Metasploit, hydra, bash programming, Linux, cyber chef, gdb and many more. In fact, I use these so much that I wrote a script to automate this process for me. I simply put in the IP address and it does the work for me. It took me a while to write the script but I did it by learning through google and a large number of blogs and manual pages. I also have a few books on the topic that I refer to whenever I need help.
