‘White hat’ hackers use their invasive skills to protect, not destroy

By Frances Jenner March 12, 2018

Since the dawn of the digital age, hackers have been hiding in the dark corners of the internet in an illicit world of code and encryptions feared by companies and individuals alike. Now, however, if a company is worried about their security, they can hire ethical hackers, or ‘White Hat’ hackers to try and break into their system in order to expose possible weaknesses.

HackerOne, a company founded in 2012, started off with ‘The Hack 100’ in 2011. According to The New York Times two Dutch co-founders, Jobert Abma and Michiel Prins, hacked into 100 of the most prominent tech companies to expose how they can be exploited by others. When contacted by Amba and Prins, only a third immediately attempted to fix their security issues, but this caused the company to grow exponentially. Now, HackerOne is used by tech giants such as Twitter, Facebook, The European Commission and even the US military.

“Bug bounty programs are all the rage at the moment,” Jake Kouns of the Open Security Foundation told Forbes. “If you’re not doing a bug bounty program, you’re perceived as not really caring about problems.”

HackerOne employs both professional and amateur hackers from across the globe. Their website states that hackers working with them have earned over $20 million in bug bounties, over two times as much as any other ethical hacking platform. They also have a free online platform teaching people how to hack, called Hacker101.

“HackerOne’s mission is to empower the world to create a safer internet,” declares their website, and by having a transparent, ethical security platform, they seem to be succeeding.

Data breaches caused by hackers are happening all the time, all over the world, report data protection news site CSO online. This could consist of a couple of emails or pictures, to billions of people’s accounts being compromised. Technology advice site Lifewire’s article ‘The Greatest Computer Hacks’ covers a range of hacking ‘achievements’ ranging from the Ebay scandal, which compromised the personal information of 145 million users, the Melissa Virus, that infected 20% of the world’s computers, or the Stuxnet Worm, that manipulated the data of Iran’s nuclear refinement plants, confusing and misdirecting specialists for a year and half, wasting millions of dollars in the process. From the scope of damage caused and havoc wreaked, it’s clear that data security and protection against hostile hackers is paramount.

HackerOne is not the only ‘White Hat’ hacker company out there, and they are growing as international companies realise that online security is paramount. They are easily accessible also, for example Bugcrowd has a comprehensive list of bug bounty companies, and Firebounty is a website where companies can list their domains asking for independent hackers to find vulnerabilities in their software for a financial reward.

‘Black hat’ (the stereotypically hostile) hackers are still out there, honing their skills and worming their way into security cracks, but they are facing more and more of a challenge, as those who are protecting the companies have an identical skill set as those trying to break into them. HackerOne, and other ‘White hat’ hackers like them, are the future for creating a safer, more secure cyber environment.