hacker

now browsing by tag

 
 

Should your business hire a hacker?

Source: National Cyber Security – Produced By Gregory Evans

Should your business hire a hacker?

Chris Pogue was given the Tech Express treatment by CBR’s Ellie Burns, with the Nuix CISO looking into the recruitment of hackers.

EB: Why would a company want to hire a hacker?

CP: It’s well-known across the board that there is a shortage in cyber security skills in the UK and abroad. It can be beneficial for organisations to turn to those who already have a depth of security knowledge to bridge the gap, and often it is the case that the people closest to these matters are former hackers. Whilst many may be put off by hiring someone labelled in a presumably derogatory manner, hackers have a tremendous wealth of experience which is invaluable to security teams. Ex-hackers or penetration testers have an understanding of the inner workings of a cyber criminal’s mind better than any trained security professional. According to the Nuix Black Report, many hackers and pentesters have indicated that the only difference between the work they perform, and those of a criminal is a statement of work; the tools, techniques, and methodologies are all the same.

They can provide insights into how organisations become compromised and can help protect against these methods. In warfare, General Sun Tzu said:

“IF YOU KNOW THE ENEMY AND KNOW YOURSELF, YOU NEED NOT FEAR THE RESULT OF A HUNDRED BATTLES. IF YOU KNOW YOURSELF BUT NOT THE ENEMY, FOR EVERY VICTORY GAINED YOU WILL ALSO SUFFER A DEFEAT. IF YOU KNOW NEITHER THE ENEMY NOR YOURSELF, YOU WILL SUCCUMB IN EVERY BATTLE.”
The quote holds as much meaning today as it did thousands of years ago. Hackers can provide that rare perspective into the mind of the enemy, as well as helping security teams understand that security is more than just a policy on a paper or an anti-virus programme.

EB: What skills do hackers have which would benefit the business?

CP: Former hackers are often people who have been studying and researching security controls and protocols from a very young age, and consequently have an unrivalled depth of technical knowledge and creativity. They also know the best tools and techniques that can be used to infiltrate organisations. According to the Nuix Black Report, which surveyed cyber attackers, 88% of hackers say they can compromise a target in under 12 hours. Most businesses won’t even realise they’ve been breached and realistically won’t be able to mount any sort of defence before it’s too late. These numbers highlight the need for a well-trained response team with a diverse range of skills, using cutting-edge technology and actively monitoring for threats, in conjunction with expert knowledge and field experience.

EB: What is the advantage of hiring hackers instead of training/reskilling staff?

CP: Former hackers have a unique insight into a world which is largely closed off to the corporate world. Someone who comes from that background has an understanding of criminal motivations that a business professional simply would not be able to emulate through training alone. Enterprises need people who can think differently and creatively, as the criminal world is currently much more agile than those defending. A former hacker can help defence teams stay ahead of the curve on potential threats by teaching them how to recognise attack patterns.

EB: How do you attract hackers for corporate roles?

CP: Attracting hackers to corporate roles is a huge challenge facing the industry, as many are tempted into a life of crime by monetary gain, and the idea of achieving status among their peers. One way we can challenge this is by offering engaging roles which allow creativity and freedom. We need to be engaging with hackers early and showing them a path to success working with organisations instead of against them. This is approach can be effective, but businesses should anticipate it to be expensive. Their skills are highly specialised, and highly sought after – so be ready to pay significantly more than you would pay for traditional IT staff.

EB: What would be your top tip for a business looking to hire a hacker?

CP: A recent study from the UK National Crime Agency found that young people are lured into a life of crime from a very young age, with the average age of a convicted cybercriminal being 17. For those in charge of recruitment, a criminal record will almost certainly ring alarm bells, and rightfully so. While there are risks involved, in general there needs to be a cultural shift in the corporate sector which lifts the stigma of hiring someone with a somewhat tenuous past. Young people need to be able to see that there are lucrative opportunities out there for people with their skills, outside of the criminal world.

Source:

The post Should your business hire a hacker? appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Vigilante Hacker is Trying to Save Us From Ourselves

Source: National Cyber Security – Produced By Gregory Evans

Vigilante Hacker is Trying to Save Us From Ourselves

Surely we’re all aware that cyber attacks are getting worse and it’s because there’s been thousands of unsecure, internet-enabled devices hitting the market. These can range from light bulbs you can control with an app to classic printers, but many …

The post Vigilante Hacker is Trying to Save Us From Ourselves appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Teenage hacker makes £ 400,000 by hacking 1.7 million Xbox Live and Minecraft accounts

Teenage hacker makes £ 400,000 by hacking 1.7 million Xbox Live and Minecraft accountsSource: National Cyber Security – Produced By Gregory Evans Teenage Hacker named Adam Mudd is said to have made £400,000 by selling a nasty virus to fellow hackers which led to the crash of more than 1.7 million Xbox … The post Teenage hacker makes £ 400,000 by hacking 1.7 million Xbox Live and Minecraft […]

The post Teenage hacker makes £ 400,000 by hacking 1.7 million Xbox Live and Minecraft accounts appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?

IT security faces huge challenge, says hacker ‘Mafiaboy’

Source: National Cyber Security – Produced By Gregory Evans Michael Calce’s parents knew there was “something rather unique” about him when he was five years old, he says. Handed a computer with unlimited internet access as a child, the Montreal-raised Calce is the infamous as “Mafiaboy”, who in February … The post IT security faces […]

The post IT security faces huge challenge, says hacker ‘Mafiaboy’ appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?

Canadian judge denies bail to alleged Yahoo hacker

Source: National Cyber Security – Produced By Gregory Evans

A judge denied bail Tuesday to a Canadian man accused in a massive hack of Yahoo emails. Karim Baratov, 22, has alleged ties to Russian agents and access to significant amounts of cash, making him a serious flight risk if …

The post Canadian judge denies bail to alleged Yahoo hacker appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

FBI Arrests Hacker Who Hacked No One

Taylor Huddleston woke early on December 6th, hours before the Arkansas winter morning would stir to life with the sound of roosters and dogs. Since selling off the last piece of his software business two months earlier, Huddleston had nothing … View full post on National Cyber Security Ventures

Cyber security: Experts warn on rise of hacker ransoms

Source: National Cyber Security – Produced By Gregory Evans

Smartphones, watches, televisions and fitness trackers could be used to hold people to ransom over personal data, cyber security experts have warned. Ransomware, which makes devices unusable until their owners pay to unlock them, has become increasingly prevalent in the …

The post Cyber security: Experts warn on rise of hacker ransoms appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hacker of a High School Soccer Portal Gets Two Years Prison

Source: National Cyber Security – Produced By Gregory Evans

A computer attacker was sentenced on March 8 for a maximum of 2-yr period when he would serve the federal jail for hacking into a fan website for a high school soccer team in Ohio 4-yrs-and-more back. The Department of …

The post Hacker of a High School Soccer Portal Gets Two Years Prison appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

D-Link resolves enterprise switch hacker risk

D-Link resolves enterprise switch hacker risk

D-Link has resolved an authentication bypass flaw in one of its enterprise switches. Flaws in the vendor’s DGS-1510 enterprise switch kit, discovered by security researchers Varang Amin and Aditya Sood, were resolved with a firmware update (pdf advisory here). Left … View full post on National Cyber Security Ventures

Hacker convicted on 26 counts related to American Express scam

Source: National Cyber Security – Produced By Gregory Evans

Hacker convicted on 26 counts related to American Express scam

A Sacramento federal jury on Tuesday convicted 37-year-old Mihran Melkonyan on 26 counts of wire and mail fraud related to an international hacking operation that enabled cyber criminals to steal hundreds of thousands of dollars from American Express cardholders. Melkonyan, …

The post Hacker convicted on 26 counts related to American Express scam appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures