As Cybercrime grows in complexity and sophistication, the corporate world is increasingly hiring White hat hackers to join the defense side of the cybercrime equation. While the strategy may be a move the right direction, experts believe the war against cybercrime will only be won if these researchers are fully involved in every stage of product development.
With the advancement of the Internet of Things (IoT), the world is witnessing an explosion of smart devices, from watches, TVs, Fridges, thermostats to baby monitors, which are now connected to the Internet. What many don’t know is that every new additional device comes with a new cyber security flaw that criminals are looking forward to exploit. The problem arises because most of these internet connecting home appliances and offices devices are design with little or cyber security consideration.
Keeping up with Cyber criminals in such an environment where literally every device is a potential threat is biggest challenge of the 21st century. However in an effort to secure the internet of things, companies are increasingly hiring hackers to help test vulnerabilities in smart devices before they are released in the market.
White hackers are able test and identify the vulnerabilities long before malicious hacker lay their hands on the devices. The tactic, hailed by many experts, ensures the company is always one step ahead of hackers and brings the much needed cyber security consideration in designing of products.
One such expert, is Michael Murray, a white hacker who hacks medical equipment and devices for a living. As the head of GE Healthcare’s Cyber security consulting and Assessment team, Murray and his team are charged with the responsibility of unearthing security holes in GE medical equipment to ensure malicious hackers never exploit the flaws, some of which could risk the life of patients. To Murray, his job is all about making cyber-security consideration during the development cycle of a product rather than having it as an afterthought.
“I’m [still] breaking lots of stuff. I’m just breaking it before it gets to the customer to make sure bad things don’t happen to people out in the world,” says the former managing partner of MAD Security, an security consulting firm.
White hacker are not new in the corporate landscape, but for a long time, many organizations viewed them as trouble makers who expose vulnerabilities and invite hackers to their systems. But with the recent evolution of cybercrime, the paradigm is shifting and more firms are recognizing the importance of employing white hat hackers to expose vulnerabilities before malicious hacker exploit them.
That notwithstanding, Murray believes the explosion of the internet Things in the modern world, calls for security researchers to do more than just exposing vulnerabilities. It is no longer enough to sit on the fence pointing out flaws in devices. To win the cybercrime war, white hat hackers must be an integral part of corporate landscape, involved in every step in development of safe products and business systems.
Justine Aitel, a security expert at Hoyos Labs also agrees that the war against cybercrime will be won if we have more experts on the defense side, helping companies to secure their products and systems. “I still see a lot of people on the offense side, and I have all of the respect in the world for those guys. But we need those brains on some other problems” says the self-proclaimed Windows hacker and an advocate of a white hacker perspective in companies’ cyber security and risk management strategies.
The problem is that few researchers are willing to make the job switch and be part of the business side of the equation. However Aitel says, “We need to make the case that it’s cool” to work on the business side of the security equation, not because of the money but because of the impact such a job switch may have on the war against cybercrime.
Top/Featured Image: By FutureMillennium / Deviantart (http://futuremillennium.deviantart.com/art/Hacker-Emblem-Reloaded-112115782)