When Your White Hat Is Really a Black Hat

0146695.jpg Don't get confused between the two.....

A series of recent news headlines reveal cybersecurity experts, who were being paid to defend networks, battle malware and fight cybercrime, were actually black hat hackers. What happened and what can be done to address this growing trend? Is your enterprise prepared?

Are you a good guy or a bad guy? Are you for us or against us? Can we truly trust all the people working for my company (or hired contractors) to protect sensitive data?

These basic questions are again being asked all over the world regarding the recent actions of technology and cybersecurity professionals.

For example, take a look at these four representative stories that have happened since May 2015:

Enormous leak exposes Hacking Team as blackhat organization (In Italy) - 
“The security community is buzzing about the release of more than 400GB of corporate data from the Italian security firm Hacking Team, a revelation that’s being called the security industry’s version of the Edward Snowden leaks. Hacking Team has been previously accused of being willing to sell its services and software to anybody, even authoritarian regimes with active human rights investigations ongoing. ...”


23-year-old twins allegedly tried to rip off the State Department and sell a bunch of passport data -
“Muneeb and Sohaib Akhter are twin 23-year-old computer whizzes who live in Springfield, Virginia. Last week they were indicted by the Department of Justice on accusations of hacking into various computer systems, stealing credit-card funds, and hatching a plan to access US government computers and sell passport and visa data.
In total, the Akhter twins racked up 12 criminal charges. ...”

Cybersecurity intern accused in huge hacking bust –
“The guy accused of being one of the world's top Android phone hackers is a bright young student who's been honing his skills as an intern at the cybersecurity firm FireEye.
Recently, the U.S. Justice Department announced a massive international bust of Darkode, an online black market for hackers. Among those charged with crimes was Morgan Culbertson, a 20-year-old from Pittsburgh. He's accused of creating a nasty malware that infects Android phones, steals data and controls the device.
Culbertson is currently a sophomore at Carnegie Mellon University in Pittsburgh. He's a two-time intern at the cybersecurity software maker FireEye where he's been researching malware on Android smartphones, tearing apart viruses, and analyzing them. ...”

Man accused of hacking into college women's accounts, 'sextorting' –
“A U.S. Department of State employee was arrested at Hartsfield-Jackson Atlanta International Airport and is accused of hacking into college-age women’s accounts and stealing compromising photographs for blackmail. Federal investigators say he used government computers at the US Embassy in London to commit the crime. Investigators say Michael C. Ford is a US citizen who has worked as an embassy employee in London since 2009. ...”


Are You a Spy? – No, This is Not a Movie
While the world has become accustomed to both James Bond films for decades and new cyber thriller movies with double agents working for multiple organizations at once, the current reality with technology and cybersecurity professionals has become much more complex.

The common definition given to a “good guy” or ethical hacker is a “white hat” hacker. The “bad guys” are generally labeled as “black hat” hackers. Some like to think of themselves as “grey hat” hackers as well.

A further complication regarding definitions comes into play when you consider cybersecurity industry conferences like Black Hat USA 2015, which opened recently in Las Vegas. 

Front-page highlighted press coverage at the event offers helpful advice regarding the recent Chrysler hack, alarms over driver safety and a conference attendee report describing the cyber mess we are in.
The attendee survey proclaims that it is time rethink enterprise IT security and offers potential solutions to our global online security problems. These are very helpful tools and answers for enterprises being offered at the biggest hacker event in the world.

There are numerous websites and tip sheets to help you not become a victim yourself. I find it interesting that so many precautions must be taken, which just proves that the norm has become “hacking back” as one answer. My point is that our society has made it trendy and attractive to be a black hat hacker and get attention by hacking a growing list of connected things.

Lasting answers in the area of cyberethics are very difficult to find right now. The situation seems even more like the Wild, Wild West or like the situation in 1930s Chicago, than when I wrote this popular “Are You An Insider Threat” blog for CSO Magazine back in 2010. News events describing new data breaches and other cyber incidents are quickly overtaking established laws, company policies and other rules.

Those who try to stand up for traditional definitions of right and wrong in cyberspace, are often laughed at by the majority of the hacker community. We have largely moved to a new online world in which the primary motivator is whatever cause you support, and “hacking back” is becoming the norm for more and more people. What can I offer? It starts with your own situation and the people you are working with and relying on to protect and defend sensitive data. We must trust and verify, but what does that really mean?
Obviously this is a very complex topic. I wrote a series of LinkedIn advice articles on this topic to help some struggling friends and professional colleagues at the end of 2014:

Part 1) Are You For Us or Against Us?
Part 2) Changing Security Culture With a New Approach
Part 3) Are You Engaged In Building Trust & Fixing The Security Culture?

In closing, I now take the terms “white hat,” “black hat” or “grey hat” hackers with a level of suspicion. I know plenty of people who view themselves in one category, who are very likely in another category based upon a long list of factors.  

We need to remember President Ronald Reagan’s “Trust But Verify” quote, which pertains to everyone on our cybersecurity and technology teams.   

GovTech:      Dan Lohrmann is SCO at Securiity Mentors Inc

« Sun Tzu 2.0: Is CyberWar the new Warfare?
Fraudsters Steal $46.7m From Ubiquiti Networks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Acuity Risk Management

Acuity Risk Management

Acuity Risk Management helps businesses worldwide effectively manage, prioritize and report on their risks to inform strategic and tactical decision-making and build long-term resilience.

Kramer Levin

Kramer Levin

Kramer Levin is a full-service law firm with offices in New York and Paris. Practice areas include Cybersecurity, Privacy and Data Protection.

Appvisory

Appvisory

Appvisory by MediaTest Digital is the leading Mobile Application Management-Software in Europe and enables enterprises to work secure on smartphones and tablets.

AVORD

AVORD

AVORD is a cloud-based security testing platform that allows clients to manage security testing requirements in a far more productive and efficient way.

ANSI National Accreditation Board (ANAB)

ANSI National Accreditation Board (ANAB)

ANAB is the largest accreditation body in North America. The directory of members provides details of organisations offering certification services for cybersecurity related standards.

Swisscom Blockchain

Swisscom Blockchain

Swisscom Blockchain is focused on supporting the implementation and adaption of Blockchain-based platforms in enterprises across diverse industries.

Allthenticate

Allthenticate

Allthenticate Single Device Authentication (SDA), enables seamless authentication in both the physical and digital words while unifying management in one easy-to-use interface.

Stamus Networks

Stamus Networks

Stamus Networks offers Scirius Security Platform solutions that marry real-time network traffic data with enhanced Suricata intrusion detection (IDS) and an advanced analytics engine.

Perch Security

Perch Security

Perch is a co-managed threat detection and response platform backed by an in-house Security Operations Center (SOC).

CENSUS

CENSUS

CENSUS is a Cybersecurity services provider offering services to multiple industries worldwide such as Security Testing, Code Auditing, Secure SDLC, Vulnerability Research and Consulting Services.

R3I Ventures - House of DeepTech

R3I Ventures - House of DeepTech

The House of DeepTech is an incubator for deeptech entrepreneurs that are transforming global industries. Areas of interest include cybersecurity.

TRU Staffing Partners

TRU Staffing Partners

TRU Staffing Partners is an award-winning contract staffing and executive search firm for cybersecurity, eDiscovery and privacy companies and professionals.

Framatome

Framatome

Framatome Cybersecurity portfolio is directly inspired by its unique experience in nuclear safety for critical information systems and electrical systems design.

SilverEdge Government Solutions

SilverEdge Government Solutions

SilverEdge is a next generation provider of innovative and proprietary cybersecurity, software, and intelligence solutions for the Defense and Intelligence Communities.

Neya Systems

Neya Systems

Neya Systems, a leader in advanced off-road autonomy and high-level multi-robot mission planning, provides innovative solutions for uncrewed ground, aerial, and surface vehicles.

Security Solutions Services (S-3)

Security Solutions Services (S-3)

S-3 specialize in crafting tailored network design, security hardware, software, and storage solutions for businesses of all sizes.