Imagine hiring a professional burglar to test the strength of a security system. It’s not hard to imagine large corporations or military agencies doing something like that. But when it comes to cybersecurity, that very thing is all the rage. They’re called White Hat Hackers, or Ethical Hackers- and they are inhabiting what might be the new wild west of digital security.
Cyber security expert Christopher Rock is a digital gun for hire. He started investigating the world of hackers after a hospital in Melbourne, Australia was attacked. The hacker/s issued 200 fake death certificates. The motivation for the attack was unknown.
So Rock went before a packed room at the 2015 Defcon conference to demonstrate how hackers could exploit common vulnerabilities to bring an organization to its knees. Since that time, the rise of the white hat hacker has been precipitous. Today, companies of all shapes and sizes hire ethical hackers to spot vulnerabilities in their systems, hoping to beat the bad guys to the punch.
In recent years, the U.S. director of National Intelligence listed cyber threats as first among myriad global threats, above terrorism and WMDs. The report read; “We foresee an ongoing series of low-to-moderate level cyber attacks from a range of sources over time, which will impose cumulative costs on U.S. economic competitiveness and national security. We saw an increase in the scale and scope of reporting on malevolent cyber activity that can be measured by the amount of corporate data stolen or deleted, personally identifiable information compromised, or remediation costs incurred by U.S. victims”
That may seem like security-hysteria, but to for-profit organizations- especially those dealing in the personal data of their users and financial institutions- it’s tantamount to Defcon 4.
As a response, decision makers in every industry have been clamoring to hire the best hackers they can find. Possibly the most interesting development is that there are hackers at all points along the quality-price spectrum. A small business can hire a hacker cheap, or go large and bid for the most competitive digital guns out there. For companies that can afford to go all out, white hat hackers are tilting the scales in the security war away from the aggressors and toward their targets.
Whether traditional black hat hackers will be able to keep up with the ‘new sheriff in town,’ is yet to be seen. But the face of the cyber security world is rapidly changing either way.