Hackers for hire: digital mischief becomes a mainstream career choiceSeptember 2nd, 2016 |
The word hacker often brings about an image of a shady character typing away at a computer trying to steal valuable information or otherwise wreak havoc on the web. However, not all hackers are out to destroy the fabric of digital society. Some actually want to protect it. After all, what better way to stop a cyber-criminal than to beat them at their own game?
There are teams and individual hackers that dedicate their lives to hack companies and individuals and expose the flaws in their security. Also known as “white hat” hackers, these specialists use their skills to penetrate information systems and help companies fix vulnerabilities.
Some companies choose to hire professional hackers while others go a different route, offering “bug bounties” to any hacker that manages to break into their systems. Bug bounties, also known as hacker bounty or vulnerability rewards programs, are crowdsourcing initiatives that reward teams or individuals that find a software bug and report it.
The truth is, anyone can win one of these bug bounties. In May, a 10-year-old from Finland was the youngest hacker to ever win one of Facebook’s bug bounties after discovering vulnerability in Instagram that allowed him to delete any comment and profile on the app.
Facebook, which owns Instagram, is infamous for its “hack” payouts. The company recently reported that it has given more than $4.3 million to over 800 hackers and researchers around the world since it implemented the bug bounty program.
Facebook is not the only company to pay hackers big bucks to break through their security systems. Apple is known to pay up to $200,000 to hackers that find issues with their software. Twitter, Microsoft, Fiat Chrysler, and even Groupon have all joined the growing list of companies that have active bug bounty programs for hackers.
Even the government is getting in on the action. The FBI paid an undisclosed amount for a hacking tool after Apple refused to unlock the iPhone of the San Bernadino terrorist. The figure is estimated to be a little less than $1 million.
What is Civic Hacking?
Some white hat hackers are taking it upon themselves to help improve government systems without expecting a reward. While the idea of “civic hacking” is fairly new, it is certainly making big strides. Code for America is a non-profit network of volunteers and hackers that create open-source software for local governments.
Cities like Chicago and San Francisco have all held civic “hackathons” tasking their citizens to create tools that would help promote change in their communities. These events have resulted in web and mobile apps that the cities have actually used to improve their infrastructure.
In June, Code for America celebrated the first National Day of Civic Hacking. 91 hackathons were held around the U.S. to help design useful web and mobile apps for citizens, businesses, and local government agencies. These hacks are now part of a social movement that is improving transparency, accessibility, and communication for these organizations.
How to protect yourself
Normal people probably aren’t going to hire a hacker to help improve their digital security and we’ve all heard the regular security advice: use strong passwords, don’t click on strange links in your email, etc. However, that doesn’t mean you can’t beef up your security with these hacker sanctioned tips:
Keep your social media private. Oversharing on social might be your undoing. Facebook, Twitter, and other social media channels are some of the main sources of personal information for some hackers. Be careful not only with the information that you enter on these sites, but also with the images that you share as they may contain information that you don’t want on the internet.
Password protect everything. Call your cell phone company, cable company, and internet service provider and ask them to not allow anyone to access your account information without a pin or password. Social engineering is a branch of hacking that focuses on exploiting human weakness in security processes. You can avoid hackers persuading customer service representatives by being proactive and keeping your data safe.
Use a password manager. Password managers store all of your passwords in a secure vault and allow you to log into your profiles with a “master” password. This master password should be very strong, and will grant you access to your password database. Although it’s not fool-proof, it is often more secure to use a password manager than not.
Vet shady websites. Sites like urlquery.net scan sites for malware. It couldn’t hurt to give it a shot next time you’re unsure about a domain.
Hover over your links. Before clicking through a link in an email, hover over it to make sure that the URL matches the site that you want to visit exactly. Sometimes that is not the case and could lead you to a phishing site.
Use a VPN. VPNs are not just for your work computers anymore. A virtual private network allows you to avoid some of the dangers that lurk in public Wi-Fi networks by routing your internet traffic through another server.
Turn it off if you’re not using it. Before you leave your house, turn off your Wi-Fi and Bluetooth capabilities. You’ll save battery and avoid begin a potential target.
Get better protection. If you currently lock your phone with a simple pattern or a 4-digit code, try making it more complicated. These short codes can be easily bypassed.
Lie. Sort of. Social media and a simple Google search can reveal a lot about your life, including facts like your mother’s maiden name or street address. Instead, make up fake answers to common security questions so that they cannot be easily guessed by hackers.
Don’t overthink it. Everyone should take basic security measures to protect themselves from hackers, but unless you are a public figure or the head of a multi-million dollar corporation, you probably won’t need to worry about a major hack.
Got anymore suggestions on how to improve your digital security? Share with us on Facebook!