Meet the “ethical hackers” fighting the growing threat of cybercrime

‘Perfect storm’

There has been a proliferation of digital crime since the COVID-19 attack.

The Australian Cyber ​​Security Center (ACSC) annual report, released in September, found that cyber attacks increased by 13% in the 12 months to June, equivalent to one reported attack every eight minutes.

There have been a number of high-profile ransomware attacks, including Toll Group and US oil giant Colonial Pipeline, which have wreaked havoc on essential service providers. The Reserve Bank of Australia warned this month that a successful cyberattack on a major bank was “almost inevitable.”

“Criminals go where the money is,” Edelstein says. “We now see very few armed robberies in banks. They don’t hold a lot of money in a branch and your chances of getting caught are high.

Sentaris founder Justin Waite hasn’t always been an “ethical” hacker. Credit:Jason South

Sentaris founder Justin Waite was a teenager in the early 1990s, when he wasn’t such an ethical hacker. An interest in breaking into safes translated into the digital world, where he created virus codes to crack passwords or copy computer games for his friends.

He says hacking is more of an art than a science. By the time you complete a college degree in coding, this is no longer relevant. The industry is changing rapidly and the threat continues to increase. Waite refuses to hire junior hackers and has chosen those he considers the best in the business to form his small team of five. “Since then, I have had some really large organizations on my books, including government, large retailers, and financial services.”

With cybersecurity now a big business, Waite worries about charlatans entering the industry. Coding is complex and foreign to many executives, and he says some companies charge exorbitant fees to print glossy reports that don’t say much. His shop, operating from an office in the northeastern suburb of Melbourne, has a policy of not selling products after seeing competitors receive bribes for selling unnecessary software.

“I was bitterly disappointed with what was going on in the market,” he says. “They’ll run a tool, put on the cover page and say you’re okay. A year later, they will be compromised. I left the banks to start my own business to fill this void in the market.

Conference room problem

Edelstein says most of the city has been taking cybersecurity seriously for at least five years. “I think all directors would agree that cybersecurity is about the board.”

There are laws that mandate annual penetration tests for certain industries, and well-endowed companies invest money in innovative solutions to avoid compromising customer data or damaging their reputation. Demand is well positioned to continue to grow, as the government considers overhauling cybersecurity legislation to impose stricter reporting requirements on a wider range of businesses.

In this context, the cybersecurity industry faces a skills shortage.

CyberCX took matters into its own hands by launching an internal program to recruit and train staff from scratch. Psychologists and teachers have gone through the program, with no definite pattern of what makes the perfect hacker. “We’re looking for people with that inquisitive mind, that research ability, that ability to take on challenges and not give up along the way until they get the results they need,” says Edelstein.

Leave a reply:

Your email address will not be published.