Story image

Gemalto's perspective: Hacking for the greater good

29 May 2017

The recent global ransomware attack WannaCry devastated over 150 countries including Australia, with 12 victims confirmed to have been hit by the attack. While this number is only a glimpse into this particular ransomware’s affect, it is still an accurate reflection of  vulnerability. Evidently, the cyber landscape is now a battleground.

If we take a step back and also look to previous security incidents, we’ve also endured the malware attack on Australia's Bureau of Meteorology in 2015 and the Menulog data breach, which saw 1.1 million records of customer names, addresses, order histories and phone numbers exposed.

It is because of these attacks that businesses are now shifting their attitudes and responses in regards to cybersecurity. In fact, Australia's Turnbull Government announced in the 2017 budget that the Bureau of Meteorology will receive an additional $200,000 in funding for improved security and resilience following the 2015 cyber-attack.

While this is of course, a welcome change, the cyber landscape is still an increasingly complex sector and private enterprises and public entities are looking for additional ways to better protect information and preserve the integrity of their data. In fact, people are now being recognised as a powerful tool to solve these problems. As such, the negative perception surrounding hackers is shifting.

Ethical hackers are now one of the most important and effective tools at strengthening collective security and making the cyber landscape safe and accessible for all. And as we look to hackers for help, it’s natural for us to wonder – what makes a great hacker?

Anatomy of a hacker

Through technology, it is possible to become a good hacker, but hard to become great. Great hackers have four critical personality traits – they are social, curious, adaptable and motivated.

Curious

Great hackers have a natural curiosity. They continually ask why a certain system works the way is does, how an organisation operates, what the responsibilities of their victim are or their psychology – until they get down to the very root of that technology or person. Assumptions and opinions that have not been vetted through curiosity are a sure-fire way to be unsuccessful, or worse, get caught.

Social

Time and time again, it is people that have proven to be the weakest link in terms of cybersecurity, and a great hacker recognises this weakness. They invest the time in understanding the psychology of who they are attacking because from understanding how their victim thinks and operates, they can find vulnerabilities to exploit.

Adaptable

To be successful, hackers need to learn from their triumphs and failures, and especially from the community at large. They need to adapt their tactics, techniques and procedures to accomplish what they set out to do and to avoid being caught!

Motivated

The majority of hackers that people are accustomed to are the ones with malicious intent. However, the hackers that businesses need are those who are motivated to protect the people and organisations that could be potential targets. It’s that very motivation that is the biggest differentiator between who hacks to protect the integrity of data, and who hacks to disrupt it.

There’s no question that given today’s threat landscape, leveraging great ethical hackers to protect the integrity of data and our access to information is a logical way forward. These are the people with the capabilities and these are the people who are able to navigate cyber space and operate within it.

However, like any business decision, we need to ensure that these individuals are not only the right fit for our organisation, but also have a strong moral compass, and ultimately will help make cyberspace safer for all.

Article by Graeme Pyper, regional director, Australia and New Zealand at Gemalto.

Thycotic debunks top Privileged Access Management myths
Privileged Access encompasses access to computers, networks and network devices, software applications, digital documents and other digital assets.
Veeam reports double-digit Q1 growth
We are now focussed on an aggressive strategy to help businesses transition to cloud with Backup and Cloud Data Management solutions.
Paving the road to self-sovereign identity using blockchain
Internet users are often required to input personal information and highly-valuable data from contact numbers to email addresses to make use of the various platforms and services available online.
Tech Data to distribute Nutanix backup solution in A/NZ
Tech Data will distribute HYCU Data Protection for Nutanix backup and recovery software to their network of partners across Australia and New Zealand.
Veeam releases v3 of its MS Office backup solution
One of Veeam’s most popular solutions, Backup for Office 365, has been upgraded again with greater speed, security and analytics.
Too many 'critical' vulnerabilities to patch? Tenable opts for a different approach
Tenable is hedging all of its security bets on the power of predictive, as the company announced general available of its Predictive Prioritisation solution within Tenable.io.
Safety solutions startup wins ‘radical generosity’ funding
Guardian Angel Security was one of five New Zealand businesses selected by 500 women (SheEO Activators) who contributed $1100 each.
Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.