Ethical Hackers Could Put an End to Cybercrimes, If Only They Are Acknowledged

Whenever we hear the term “hacker,” it is natural to think about a person who hacks into your system illegally, damages your files, and steals your financial or personal information. This reputation was built in the initial days when the internet newly emerged. It would take a little time to process the fact that a hacker can actually make our lives better by making our digital environment securer.

White hackers vs. black hackers

By definition, a hacker is not necessarily the bad guy, he is a skilled computer person who uses technical knowledge to overcome different problems. But a lot of us know a hacker as a programmer who hacks the security system of a computer, deliberately. After hacking, he either releases malware or steal personally identifiable information.

IT hackers are of two types – white hackers and black hackers. The black hacker is the bad guy, but the white hacker is the person who practices ethical hacking. He gets into the computer system (without permission though) but for good reasons. These days, white hackers have become an integral part of the cybersecurity community. They exploit the systems to make them better and to keep the black hackers at bay. The only problem is they are still not acknowledged like they should be.

Kevin Rose of Real Future did an experiment by inviting two expert hackers to hack him using the tools and knowledge they had. Within a matter of days, they were able to gain access to every piece of his digital life starting from his cell phone, bank account, to even his email and social media profiles. They showed them how they were a few clicks away to steal all his personal data and ruin his life. These hackers then helped him protect his digital information from future attacks by fortifying his devices, strengthening his passwords and educating him about the suspicious activities to watch out for.

According to HackerOne report, 20 percent of the hackers are from India, 20 percent from the USA, 6 percent from Russia, 4 percent from Pakistan and 4 percent from the UK. Most of these hackers belong to different educational backgrounds. Among them, 58 percent are self-taught, 50 percent have studied computer science in college and 26.4 percent have studied computer science in high school. 90 percent of these individuals are under 35, 50 percent are under 25 and 8 percent are under 18.  All these hackers have one thing in common: They have endless curiosity. They are active readers; they study the vulnerabilities and they report them (or would like to report them).

Google was among the pioneers to acknowledge this talent by creating a bug bounty program in 2010. This program an “Experimental New Incentive” which was created for the cybersecurity community for finding bugs in Chromium. There was a $1,337 prize money for finding severe or clever bugs and $5,000 prize money for finding security bugs. This program was a huge success. Now, many giant organizations such as Snapchat, Tinder, Dropbox, and Starbucks have their own bug bounty programs. They offer monetary rewards in thousands of dollars to those who can exploit the security vulnerabilities and report them to the company.

Different hackers have different reasons to look for vulnerabilities but money is still a nice incentive. The HackerOne data says that top hackers from India earn up to 16 times more than an average software engineer. The hacker’s community is not just dominated by whites and males, females have started taking part, too.

But are white hackers really appreciated? 

All the scams, viruses, breaches, and vulnerabilities in the news have left a bad taste in the mouth of the public whenever they hear the word hacker. But not all hackers are bad.

There could be around 1000 ethical hackers out there for every bad one but they don’t make it up to the press so, we never get to hear about them. There are two possible explanations for that. One – the hacker could be too young to taken seriously.  Such hackers don’t feel people would value their work so they are less inclined to help them. Second – the law makes us look at the hacking community through societal suspicions. In case you didn’t know, in the 1980s, the Computer Fraud and Abuse Act was passed which defined computer fraud in such a way that a prosecutor could charge white hackers with hefty fines and even prison time.  Because of the threat of legal action, lots of white hackers hesitate from sharing their discoveries.

What needs to change?

The hackers who are more than talented to identify system vulnerabilities need to be taken seriously. To make these talented hackers work for the good rather than being in involved in big security breaches, companies need to offer higher bounties. Consider that they are investing in the security of the company as well as its customers.

Other than this, the legislation must make exceptions to protect the hackers so that they are encouraged to report more and more bugs they find. Other than this, along with companies, the media must recognize the work ethical hackers are doing.

When it comes to teenage hackers, if you appreciate their energy, curiosity, and talent, they will not just take their skills seriously but will find their moral compass, too. The same HackerOne reports say that 1 in 4 hackers haven’t reported vulnerabilities because the website completely lacked a channel of communication. Therefore, more and more companies should start incentivizing ethical hacking.

Monetary rewards are not the only thing that companies must offer, the work of these ethical hackers should also be publicized.  It is these hackers who can rescue and safeguard our society and maybe even put an end to cybercrimes. Nevertheless, they should be given public disclosure. After all, a little appreciation can go a long way. Lots of hackers in the jailbreak community have been employed by big firms, then why not these hackers, too. It’s all a matter of time.