Feature: Hackers in White, Black and Gray
Most of what we read about hackers is unflattering: They’re the twisted minds who break into institutional, corporate or government computer systems, stealing identities and spreading viruses. Or, they’re snoops, like the ones in China who, Google suspects, are invading its clients’ privacy.
Those are the so-called “black hat” hackers. But, there are also “white hat” hackers, with many of the same skills, who are sought out by big companies, software makers, and governments to test the security of their computer systems.
You can meet them at events like DEFCON.
To the U.S. military, DEFCON stands for Defense Readiness Condition, the level of armed forces preparedness to respond to an attack. During peacetime, we’re at DEFCON 5. But the acronym is also the name of the world’s largest hacker convention. Last year’s featured, among other things, talks on threats to privacy, “preparing for cyber war” and uncovering criminal web servers.
Another draw is the multi-location Black Hat Conference (BHC), providing information about security loopholes, system design, reverse engineering, and more. Both hackers and corporate and government officials give talks, which often involve sensitive and controversial information. Vendors like Cisco Systems also offer training classes that teach advanced techniques.
While its sessions are mostly above board and “white hat,” BHC sometimes lives up to its name. Attendees have hijacked wireless connections of the hotels hosting the event, hacked TV billing systems, and digitally corrupted a hotel lobby ATM. (Even at DEFCON, law enforcement agents regularly patrol and are not required to wear identification.)
Hackers hone their skills in contests and competitions like DEFCON’s Capture the Flag (CTF), where teams of hackers, usually young, attempt to attack and defend computer systems.
In NetWars, part of the U.S. Cyber Challenge, the focus is on computer defense. Players who show potential as future Cybersecurity experts win prizes, scholarships, and opportunities to attend cyber camps to raise their skill level.
Yahoo!’s Open Hack Day features hacking and programming competitions. Winners are often young adults.
Some hackers who may have begun as teenaged pranksters have found work in security departments of major corporations and software companies. Their break-in skills are useful in locating the weak points of a company’s defenses. They also get hired as programmers and risk analysts. Jeff Moss, DEFCON and BHC founder, may have made hacker history by being tapped for the federal Homeland Security Advisory Council.
Although “black hat” hackers are unwelcome in most places, they can still be useful: Software companies dare them to try and penetrate their defenses.
Filed under: Special Features
Tags: Cybersecurity