<p><img src="https://static5.businessinsider.com/image/5fca590e037cbd0018613d8a-2400/img_3335 (1).jpg" border="0" alt="Ang Cui" data-mce-source="Red Balloon Security"></p><p></p><bi-shortcode id="summary-shortcode" data-type="summary-shortcode" class="mceNonEditable" contenteditable="false">Summary List Placement</bi-shortcode><p>The box arrives in the mail containing a hard drive, an adapter, a cryptic note, and several cartons of Nerds candy.</p><p>"Hello Comrade!" the type-written note reads. "Welcome to your quest!"</p><p>Recipients are informed that locked inside the hard drive is 0.1337 Bitcoinworth roughly $4,680 at the time of writingalong with a set of GPS coordinates. (The very specific amount of Bitcoin is an in-joke: a tongue-in-cheek reference to "1337," hacker-speak for "leet," itself short for "elite.") </p><p>If the recipient can crack the hard drive's encryption and claim the cryptocurrency, they're instructed to use their winnings to purchase a ticket to New York City to meet the box's sender at the location provided.</p><p>It may sound like a plot device from a spy novel, but the package is in fact a technical interview for a job as a cybersecurity researcher at Red Balloon Security. The test is meant to identify job candidates with the skills and passion that align with the job requirementsand it shows the creative lengths security firms will go to in order to find talent that matches the niche skill set their positions demand.</p><p><img src="https://static4.businessinsider.com/image/5ff88834bde805001980be22-2400/IMG_3827.jpg" border="0" alt="Red Balloon hacker test" data-mce-source="Aaron Holmes/Business Insider" data-mce-caption="Red Balloon job candidates receive a mysterious package in the mail containing a puzzle they have to solve in order to get hired."></p><p>The field of cybersecurity is only growing, but demand for talent is rapidly outstripping supply. Contributing to that <a href="https://www.businessinsider.com/cybersecurity-salaries-pay-cloudflare-mcafee-fireeye-crowdstrike-palo-alto-networks-2020-12">talent gap</a> are many factors: The field is growing faster than higher education programs can train new specialists, even as the cybersecurity industry itself is perceived as niche and hard to break into.</p><p>Red Balloon designed its unorthodox hacker test to both entice potential applicants with the challenge, while also selecting for people with the skills necessary to work there, founder and CEO Ang Cui told Business Insider.</p><p>"We're a small company, we're looking for a very niche type of security person, and we don't have the massive amount of human energy to waste on screening through every single resume," Cui aid. </p><p>Founded by Cui in 2011<strong>,</strong> Red Balloon specializes in internet-of-things security, also known as embedded systems security. The firm focuses protecting against hackers trying to break into internet-connected devices ranging from printers and security cameras to Amazon Alexa-powered speakers and <a href="https://www.businessinsider.com/snoo-smart-crib-hacked-security-researchers-shake-at-dangerous-speeds-2020-4">cribs</a>.</p><p>The firm's business hinges on security consulting for large tech companies and public sector clients, and it licenses its own own technology to secure clients' firmware. Its past customers include Siemens and the ATM maker Nautilus Hyosung, and it previously led a Department of Homeland Security-funded research initiative. Red Balloon raised $21.9 million in Series A funding in 2018, according to <a href="https://www.crunchbase.com/organization/red-balloon-secrurity">Crunchbase</a>.</p><p>Because of its narrow focus, the firm faces a recruiting dilemma that's common in cybersecurity: its area of specialization involves brand-new technology, so there's no single established education or career pipeline feeding a distinct talent pool. Cui said the technical test is designed to select for people with hacking know-how who can teach themselves how to solve a problem they've likely never encountered before.</p><p>"We're one of the few companies in the world that do this, outside of various intelligence agencies," Cui said. "This is not something that schools teach."</p><p><img src="https://static4.businessinsider.com/image/5ff8a598bde805001980bed4-2400/IMG3828.jpg" border="0" alt="Red Balloon" data-mce-source="Aaron Holmes/Business Insider" data-mce-caption="Red Balloon job applicants receive this letter as part of their &quottechnical interview.&quot"></p><p>The test itself is deceptively simple. With sparse instructions included in the typewritten note, applicants are guided to make changes to the hard drive that would be permanent and invisible to others who access its operating systema feat that was long believed to be impossible in the hacker community until the Russian cybersecurity firm Kaspersky <a href="https://usa.kaspersky.com/blog/equation-hdd-malware/5143/">published findings</a> documenting such an execution in the wild in 2015.</p><p>Red Balloon is generous with its test materials, sending them out to almost everyone who applies, according to Cui. So far, the solve rate for the hacker test is around 1%, he said, adding that Red Balloon regularly changes parts of the test to make sure applicants can't share their work online. The New York-based company has 29 employees, six of whom have joined in the past year.</p><p>"If I send out 150 to 200 pounds of hard drives, I will typically get back one human team member," Cui said. "It's a worthy investment."</p><p><a href="https://www.businessinsider.com/red-balloon-cybersecurity-hacker-test-job-application-bitcoin-iot-2021-1#comments">Join the conversation about this story »</a></p> <p>NOW WATCH: <a href="https://www.businessinsider.com/worlds-most-expensive-liquid-thoroughbred-horse-semen-2020-3">Why thoroughbred horse semen is the world's most expensive liquid</a></p>
Click here to read full news..
