Government Bounties for All: White Hat Hacking Is Big Business | Motherboard
Governments need white hat hackers to sniff out security holes and bugs in computer systems before the wrong person finds them first—and they're willing to pay.

From our friends at

BY MEGHAN NEAL

In today's world, public enemy number one isn't likely to be the tough, tatted thug on a wanted poster. More and more, it'll be the brainy hacker in front of a computer screen, silently crafting cyberattacks from his workspace. And so are the good guys.

Governments need white hat hackers to sniff out security holes and bugs in computer systems before the wrong person finds them first—and they're willing to pay. Countries shell out hundreds of thousands of dollars to companies like ReVuln, the security firm profiled Sunday by the New York Times.

ReVuln's customers—which include Russia, North Korea, and, you guessed it, the NSA—are looking for flaws in their own networks so they can fix them, and in enemy networks, so they can exploit them. A simple error in code can give the buyer full access into software, reported the Times. The hackers are there to sniff it out.

The practice of paying "bug bounties" for hackers that hunt out security flaws has been around for ages. Microsoft, Google, and Facebook have all spent thousands to find and fix bugs in their own products. Though making sure your Chrome browser is working properly is a worthy endeavor, the stakes with governmental systems can be much higher. Considering how much work is effectively outsourced via boutnies, it's a pretty crazy thought to think that a relatively small group of private citizens are an important line of defense against cyberespionage and worse.

That's not to mention the threats at home. White hats from the security firm iSEC uncovered a security flaw that sent a shiver down consumers' spines last week. They discovered they could hack into a Verizon device used to amplify wi-fi signals and turn it into a spy machine that could listen in on the cellphone conversations of any nearby Verizon customers.

The signal-boosting device, known as a femtocell, has been something of an Achilles' heel for cybersecurity. Since it's essentially a tiny cellphone tower, it can pick up all the phone signals nearby. When it’s breached, the hacker can listen in on the calls of any Verizon customer nearby.

Read the full story on Motherboard

Photo via US Navy

Promoted Stories Powered by Sharethrough
Business
Samsung's response to a customer whose phone caught fire only made things worse
Damage control is a tricky thing: One wrong move can make a small crisis exponentially worse. Such is the case for Samsung, which moved to suppress YouTube evidence that its Galaxy S4 smartphone can catch fire for no reason at all, only to have the original poster call the company out for it in a second video that received five times as many views as the first.
Business
U.S. government enlisted ISPs to fight Chinese hackers
Earlier this year, the U.S. government gave American ISPs addresses believed to be associated with Chinese hackers “as part of a previously undisclosed effort aimed at blocking cyberspying,” according to the Wall Street Journal.
Group

Pure, uncut internet. Straight to your inbox.

Thanks for subscribing to our newsletter!