Evertise
22 Jun 2022, 19:24 GMT+10
For decades, law enforcement and investigators have used undercover agents help crack their toughest cases. How better to learn about how criminals behave and how they commit their nefarious acts by putting someone right on the front lines to behave like the criminal and share information with 'the good guys?'
The same principle of undercover agents is being put to use in the information security world, with the growing reliance on certified ethical hackers. While the idea of an 'ethical hacker' might seem like an oxymoron, there are talented individuals who are willing to put their knowledge of hacking methods to work to help organizations identify their security vulnerabilities and fix them.
Hackers have broken into some of America's largest corporations but now businesses are starting to use them to their advantage.
Companies are hiring hackers to test their systems for security flaws, in fact google is one of a number of firms that asks hackers like Santillana — who are often referred to as ethical or white hat hackers — to try to find security flaws.
"We're curious, we want to test our skills, we want to help these companies," said Santillana. "I've found several bugs where you can completely compromise another user's account."
He works for a firm called Bugcrowd that connects companies, including Pinterest and Western Union, with hackers like himself. He said that the work is as much about the fun — the challenge of solving a problem — as it is about the money. Businesses pay cash rewards, ranging from hundreds to thousands of dollars, to the first person to find a particular bug. They're called bug bounties.
Mobile payments company Square has a bug bounty program.
"So we do everything we can to secure our products and services but occasionally things fall through the cracks," Square's information security technical lead Dino Dai Zovi told CBS News. He said that Square would rather have good hackers help find these problems before malicious attackers do.
"So we aren't just focusing all our efforts on locking the front door when there's a wide open window we don't know about."
Dai Zovi acknowledged it's a bit scary to invite strangers to hack you. But he said it has helped and, so far, they haven't been burned.
Working with an ethical hacker can help reduce your losses in the event of a breach in two ways:
If you are breached, a hacker may be able to locate the vulnerability much faster, preventing an ongoing attack.
When you hire a hacker, you can request that he or she provide an employee fidelity/honesty bond or other insurance coverage that will reimburse you should your company experience losses as a result of their activities.
So while the idea of hiring a hacker might seem absurd at first, it's quickly becoming a widely accepted security practice. Much like an undercover officer can root out criminals more quickly than uniformed agents, a hacker can identify vulnerabilities more effectively than a defender.
Get a daily dose of Tampa Star news through our daily email, its complimentary and keeps you fully up to date with world and business news as well.
Publish news of your business, community or sports group, personnel appointments, major event and more by submitting a news release to Tampa Star.
More InformationYANGON, Myanmar - A regime court sentenced to death five people detained for their alleged involvement in a deadly August ...
HARTFORD, Connecticut: Following a state Senate debate and vote to approve Connecticut's most comprehensive gun legislation since the laws put ...
SPENCER, Massachusetts: Spencer, Massachusetts Fire Chief Robert Parsons has said that a June 2 fire that burned down a 160-year-old ...
MOSCOW, Russia: Journalists from countries that are "unfriendly" to Russia will be banned from covering this year's St. Petersburg International ...
SAN FRANCISCO, California: Landowners in California participated this week in a class organized by the El Dorado Amador Prescribed Burn ...
RAMALLAH, Wet Bank - A two-and-a-half-year-old Palestinian boy shot in the head by Israeli troops has died in hospitalThe boy, ...
TRAVERSE CITY, Michigan: DuPont, Chemours and Corteva have reached an agreement to pay $1.18 billion to resolve complaints of causing ...
NEW YORK, New York - U.S. stocks were directionless Tuesday as investors had little to digest ahead of next week's ...
MENLO PARK, California: Facebook parent Meta has said that under a trial that could last through the end of June, ...
WASHINGTON D.C.: The Biden administration is expected to approve a deal allowing General Electric to assemble jet engines in India ...
TAIPEI, Taiwan: Taiwan and the United States are set to sign the first deal under a new trade framework, marking ...
NEW YORK, New York - U.S. stocks started the week under pressure on Monday. "Markets are catching their breath after ...