Cyber-security: White Hats To The Rescue

ANDREW WHITAKER has made a career out of breaking into things. A “white hat” hacker in techie jargon, Mr Whitaker leads a team of security specialists at Knowledge Consulting Group who spend their days trying to worm their way into clients’ computer systems to see how vulnerable they are to cyber-criminals, spies and other nefarious “black hats”. The team’s record is both impressive and alarming. Some of the firm’s clients are utilities, and Mr Whitaker and his colleagues often target software that controls critical infrastructure, such as water and power supplies. “We’re getting in pretty much every single time,” he says.

Crooks and spooks are still finding plenty of chinks in digital armour too. On February 15th Kickstarter, a crowdfunding site that lets users send cash to entrepreneurs promoting novel projects, said hackers had stolen usernames, encrypted passwords and e-mail addresses from it. A few days later a security researcher claimed to have found evidence that Snecma, a French aerospace firm, had been attacked by hackers, though it is not clear if they got into its systems. Kaspersky Lab, a security firm, recently said it had discovered a global spying operation, dubbed “The Mask”, which had been running since 2007 and which targeted everything from governments to activists and energy companies.

The effects of a hacking attack can be devastating for a company’s reputation and its bottom line, as Target is discovering to its cost. At the end of last year the giant American retailer was hit by hackers who swiped the details of credit and debit cards held by 40m of its customers by placing malicious software on thousands of the registers in its stores. In total, intruders gained access to 70m records that contained partial names and e-mail and postal addresses of customers.

via Cyber-security: White hats to the rescue | The Economist.

———————————————-

Journal of Law & Cyber Warfare | www.jlcw.org The Journal of Law & Cyber Warfare provides a public peer-reviewed law publication to foster open discussion and education of technology, government and legal stakeholder in relation to the complex issue of cyber warfare.  Journal of Law & Cyber Warfare accepts articles written by military, technology, judges, government officials, academic and legal practitioners.  The Journal of Law & Cyber Warfare provides a public peer-reviewed law publication to foster open discussion and education of technology, government and legal stakeholder in relation to the complex issue of cyber warfare.  Journal of Law & Cyber Warfare accepts articles written by military, technology, judges, government officials, academic and legal practitioners. The Journal of Law & Cyber Warfare is honored by the world class caliber editorial board that is involved with the Journal. Thought leaders from forensics, law, warfare, and cyber security are on the Board. The Journal is always looking for interested thought leaders who believe they can contribute in a meaningful fashion to the development of cyber warfare scholarship.