The field of ‘ethical hacking’ has been around for a while. The basic idea is that instead of using their hacking talents for evil, hackers could earn a legitimate income defending organizations from hacking attacks.
Unfortunately in this world, talented people often go wherever the money is. And even the highest paying ethical hacking jobs pale in comparison to what one could make on the black market hacking scene.
However, even the FBI uses criminals to solve crimes from time to time. And tech companies are starting to think along a similar line of logic. By hiring criminal hackers, some companies are wondering if they would be better able to defend themselves – and their PC security systems – from attacks in the future. After all, who could expose in-house system vulnerabilities better than a hacker?
The issue was brought up earlier this week at a Black Hat conference in Las Vegas. At that conference, attendees discussed numerous cases where ‘evil’ hackers turned away from the dark side to help the good guys. In 1999, for example, a hacker named Kevin Mitnick was released from his five-year prison sentence for hacking into the FBI’s security systems. Once described as the “world’s most-wanted hacker”, Mitnick now makes a legitimate living running his own security consulting firm. He shows companies where their vulnerabilities could lie, then works with them to close these loopholes.
Mitnick isn’t the only one. There are several notable examples of hacking talents being used for good. But unfortunately, the general consensus was that there are too few cases where hackers start using their talents for good.
What happens when hackers start using their talents for ‘evil’? Over the past few years, hackers have leaked data from some of the world’s largest websites, including Yahoo, LinkedIn, Sony, Nvidia, and several others. These companies might invest millions of dollars into system security, but they still have trouble defending a concentrated attack. By hiring experienced hackers onto their team, they could see where their vulnerabilities lie.
Showing young hackers a better way
Hacking is an interesting industry because it’s largely composed of talented young individuals. Many hackers begin their coding careers at a young age. They might still be in high school or college, for example, while learning how to target security vulnerabilities. Due to the profit, fame, and entertainment value of hacking, it’s a natural path for young people to take.
In order to draw young, skilled individuals away from illegal hacking, the conference proposed a fundamental shift in the way society views hackers. Instead of forcing hackers to give up their profession after being caught, why not turn them into useful, contributing members of society? Why not put their hacking skills to work for legitimate companies and government organizations?
That might sound crazy to some people, but it has proven to be a successful model in China and India – two countries that are rife with young, talented individuals with growing access to the internet. In both China and India, hackers are given opportunities within state-run organizations and companies. Sometimes, these hackers have already been imprisoned for their actions. Other times, they haven’t yet been caught. In either case, after working for legitimate companies (at an attractive salary, no less), they begin to contribute positively to society.
For more information about companies hiring hackers, read this article by Information Technology. The article states that demand for hackers has rose by 471% over the last three years. Clearly, China and India aren’t the only two companies that have caught onto the trend of hiring skilled hackers.
Ultimately, like many industries, hacking becomes a battle between legitimate businesses and illegal organizations. While illegal hacking might pay more money, legal hacking is a safer career with dependable, legitimate income.
Now, the only question is: which path will young hackers choose – legal or illegal?