Join top executives in San Francisco on July 11-12 to hear how leaders are integrating and optimizing AI investments for success. Find out more
Why do people become ethical hackers? Given the negative connotations that the word “hacker” has unfortunately acquired over the past few decades, it’s hard to see why anyone would label themselves with that paradoxical name.
Not yet, ethical hackers is playing an increasingly important role in cybersecurity, and the ranking of the ethical hacking community is increasing dramatically. If you’re thinking of partnering with or hiring ethical hackers — or even becoming one yourself — it’s important to understand what makes this unique type of cyber expert.
If you talk to people in the hacker community, you will see that the opportunity to earn cash rewards through bug bounty programs are a major motivator for many people. But it is not the only one, and perhaps it is not even the most important.
Some people sign up to enjoy hacking without breaking the law. Others want to test their networking skills and build a resume. Some just want to be part of a community. There’s even an element of vigilance and thrill in finding vulnerabilities before the bad guys do, helping not only organizations but even friends and family protect themselves.
As an ethical hacker since high school and now helping to recruit and curate a community of ethical hackers in my career, I understand well what makes and drives an ethical hacker. Good. Here’s what I’ve learned.
It’s not just about money
Like many other jobs, money is important. But it’s not always the deciding factor.
A recent survey of mine hacking principles community shows that money is a big motivator. The payout can certainly be good, with a third of ethical hackers earning at least $1,000 a month.
But there’s more to being an ethical hacker than financial rewards. According to the survey, 60% of the community spends at least 10 hours a week hacking, 40% spends more than 20 hours, and 18% spends more than 40 hours a week. Taking such time shows that the problem is not just about money. With skills that ethical hackers have, they can make more money working as cybersecurity analysts.
It starts with curiosity
For many ethical hackers, the journey begins with a deep interest in solving puzzles and learning about how things work. For example, Sebastian Neef (alias Gehaxelt) is a PhD in computer science. students in Germany started hacking at the age of 17.
He said that seemed like a great thing to do in 2011 when hackers attacking websites were common. It also seems easy, he said, but unlike some destructive chaos actors, Sebastian is driven by curiosity. He wants to know what the administrator will do when he warns them about vulnerabilities in their system. Some were grateful and addressed the holes. Others do nothing.
Stories like Sebastian’s are popular, with many people starting out because of their technological aptitude and curiosity. But once they discovered their skills and got hooked on hack, there is a fork in the road. People like Sebastian choose the path of morality.
Belonging to a community with strong appeal
Like any other professional relationship, ethical hackers form groups and communities where people share both tips and respect. Those communities aren’t like recreational soccer teams where everyone fights for a common cause, but they’re certainly competitive. Many ethical hacking communities have leaderboards. Everyone knows who is at the top of the charts and everyone wants to be number one.
There is also a close friendship working together. Sebastian and about 30 other ethical hackers are joining a German bug bounty Slack channel. Once a year, they rent out a co-working space, pick a few goals, and work together to see who can find the most holes. For Sebastian, the community also extends to Tuesday get-togethers where people get together and talk about security or take part in flag-catching competitions.
Protecting what is near provides purpose
In a certain sense, morality hacker very much like the others. They are concerned about the security of the websites and other technologies they use every day. But unlike most people, ethical hackers have the skill and knowledge to check things and make sure they’re safe. And once you’ve seen the dangers lurking in technology, and know you have the skills to uncover it, it’s hard not to act.
Concern about the security of technology every day is also one of the things that drives ethical hackers to choose their targets. In addition to the bounty program, they also care about their own welfare and the cybersecurity of their friends and family.
Like many other professionals inside and outside of tech, Sebastian and his team are driven by autonomy, ownership, and recognition. Ethical hackers can work on their own and on their own time as they try to find weaknesses in an organization’s infrastructure that cybercriminals can exploit. It’s a sense of autonomy that few others in the cybersecurity field can claim. The ability to expose vulnerabilities in an organization’s systems and networks that others cannot find — thanks to the specific skills and knowledge possessed by an ethical hacker — provides a sense of self-esteem. proud and recognized in the community.
But mostly, ethical hackers do it because they want to do the right thing, especially if it leads to stronger security measures to prevent future attacks. These experts are capable of doing something many in the cybersecurity field seem impossible or unlikely to happen: Give hacking a good name.
Fredrik Nordberg Almroth is a co-founder and security researcher at Detectify.
Welcome to the VentureBeat community!
DataDecisionMakers is a place where experts, including those who work with data, can share data-related insights and innovations.
If you want to read about cutting-edge ideas and updates, best practices, and the future of data and data technology, join us at DataDecisionMakers.
You can even consider contribute an article your own!