author photo
By Clare O’Gara
Wed | Aug 21, 2019 | 6:45 AM PDT

Cheater, cheater, ethics exam beater.

The U.S. Department of Defense requires cybersecurity defenders to take exams to certify their status as ethical hackers.

Unfortunately, some are suggesting the testing itself may be far from ethical.

A recent investigation by the Fox affiliate in Tampa, Florida, revealed potential problems with the process for those who become certified to work at U.S. Central Command (CENTCOM), which is located in Tampa.

Watch the video segment:

Were ethical hacking test takers given the answers?

FOX 13 News covered the stories of five sources in its investigation, including the experience of Ted Carrier, a cyber defense analyst.

"They called him a mission-essential individual for computer network defense. He was responsible for protecting military secrets from hackers. 

To get certified, Carrier claims he and others got undue help on their ethical hacker exams. He says in March of 2017 the contractor they worked for, SAIC, gave them a printout the day before they took the test that contained the same questions and answers as the test."

He expected "similar questions" to those he had seen in practice but he says the questions and answers on the practice test were exactly the same as those on the exam.

Why would a company help employees cheat on cybersecurity exam?

Why would anyone take a shortcut on skills that are desperately needed right now?

The sources for the story say SAIC's IT contract with the government was up for renewal and it needed as many SAIC employees working for CENTCOM as possible to help with renewal chances.

Jim Restel, a retired Lieutenant Colonel, told the local news station he noticed something had changed with those who were supposedly "certified" as ethical hackers.

"In order to do this job you need to have this core base of knowledge, and all of the sudden you had people who don't have the core base of knowledge accomplishing the duty," says Restel.  

In the end, some like Ted Carrier refused to accept the certification by passing the exam in this way: "I'm not going to unethically take the certified ethical hacker certification."

These concerns over unethical certification makes you wonder if the same practices could extend to the private sector. 

Follow the link below to learn all the details about the alleged cheating going on with the ethical hacking exam.

And if you've taken the test, what was your experience? Drop us a line here: