Menu Menu
[gtranslate]

The rise of Ethical Hackers

The logical conclusion to tackling an online world infested with hackers is enlisting more hackers apparently.

The term hacker is generally seen as a pejorative term; ‘they hacked my Xbox account’, ‘my Facebook’s been hacked’, but their talents can be used for good. In reality it just comes down to motivation.

To have any chance of defeating the malicious hackers of this world we obviously need people who understand the ins and outs of hacking. We must think like the enemy in order to defeat them. Simples.


What exactly are Ethical Hackers?

Hacking has been a ‘mixed-use’ term for decades. Hackers can operate on many different ethical levels, which are indicated by the terms white hat, black hat, grey hat. Just like the ol’ spaghetti westerns and Westworld, the white hats belong to the good guys, the blacks are donned by the bad guys, and grey hats sit atop the neutral noggins of those who work for whoever pays the most.

Ethical hackers are the good guys – the white hats. These people who focus on breaking into security systems to show software developers where their weaknesses are, that way they can constantly adapt to combat different forms of hacking and ensure their security systems as secure as possible. They’re frequently referred to as pen tester (penetration testers) too.

 

Does it pay well?

To the uninitiated hackers are thought of as hooded figures looming in the basements of city suburbs cracking into the vaults of massive corporations. But in reality, the most successful hackers are company solicited coding buffs in their late teens to mid-twenties. And they’re loaded.

Big tech companies pay extremely handsomely for bug bounties to ensure their accounts are safe from the Mr Robots of the world. Last summer Apple offered a six-figure reward to anyone who could crack into the core of their iOS operating system in a way that would bypass user interaction – a method hackers refer to as a ‘zero-click full chain kernel execution attack’.

In February 19-year-old Santiago Lopez became the first ever bug bounty millionaire, according to ethical hacker platform HackerOne. Having completed his first bounty at 16 – earning a hefty $50 in the process – he decided to sign on with HackerOne full-time to see if he could make some quick pocket money.

Three years on Lopez has established himself as the firm’s highest rated hacker internationally, having reported 1,600 flaws found in countless platforms including Twitter and Verizon.

His unique talents have allowed him to trade in his modest family home in Beunos Aires for his very own beach house with two extravagant motors on the drive at just 19. Teach me your ways Santi!


Responsible disclosure

Though ethical hackers are trying to do some good (and earn a whole lot of money lbh), the very nature of hacking is enough to unsettle people and it’s largely down to the unrestricted nature of the trade, the hacker’s complete freewill, if you will.

There aren’t many measures in place to combat the public disclosure of sensitive information such as security loopholes, digital assets, and private customer/member information either. It’s a digital playground for the hacker and the black hats can wreak some serious havoc without breaking a sweat. Furthermore, how do hacker platforms like HackerOne ensure their personnel aren’t digging around in places they shouldn’t be?

The potential for blackmail is always there too. In such a niche job huge companies are entirely reliant on the professionalism of their hackers. After isolating a bug, a hacker could hold out for larger rewards before divulging their findings to developers; they hold all the power. It’s no wonder huge companies like Google, Apple, and Twitter offer such top dollar to freelance hackers in the first place.

At its best, hacking can be harnessed to find missing persons, and uncover illegal websites and trades, but at its worst it can be used to reveal private information, to empty bank accounts, and even to tamper with lifesaving equipment in hospitals.

It’s something of an arms race at the mo and the good guys are way outnumbered. We can only hope that the lucrative nature of ethical hacking will persuade youngsters to take up arms against their shady counterparts.

In a world becoming increasingly shaped by technology we have to combat those looking to put us and our livelihoods at risk.

Accessibility