What is the role of grey hat hacktivism groups in the security world?

This topic contains 4 replies, has 3 voices, and was last updated by  jsm725 8 years, 1 month ago.

  • Author
    Posts
  • #6495
     jsm725 
    Participant

    With groups like Wiki-leaks, Anonymous and LulzSec popping up in the news almost everyday, I wanted to get a feel from the ethical hacking community on what we see as their role. Do they help? Do they hurt?

    On one hand they help me sell work. My clients see this stuff on the news and might decide to get serious about stuff I have been pitching. They are forcing companies to deal with security issues.

    On the other hand, what they are doing is illegal and might make people who don’t understand the nuances between white, grey and black hat hacking turn against us altogether. If I start getting FBI agents knocking on my lab door because I am running a legitimate external scans on a range of client IP’s, my prices are going up.

    What do you think eh-net?

  • #40227
     AndyB67 
    Participant

    Too many of the companies out there seem to be playing loose with security and our data.  Ok, the software they are using in most cases is flawed but there’s no reason not to have a robust patching and security policy in place to minimize the risks.

    I give regular briefs to the users in the company I work for (as an information manager) stressing about the need for data protection, good password policy and the rest of the good stuff that they should do.  I’ve had a user come up to me after one brief and ask if it was possible to bypass/remove the encryption on his works laptop as it made it ‘run slower’!!

    All the high profile hacks going on at the moment and things like the bigger fines that the Information Commissioner is slapping on data protection breaches in the UK is giving me good ammo when I go out and preach to the unwashed masses

  • #40228
     cd1zz 
    Participant

    While I don’t condone their activities, I think it’s great for business like you said above. It is hard enough to get people to pay attention to security but with major headlines, your clients begin to listen. I find it highly entertaining as well to watch this stuff unfold.

  • #40229
     jsm725 
    Participant

    *disclaimer* Although the attacks are illegal and break the “ethical grey hat” rules of no disclosure…/*disclaimer*

    When you preach this is an imminent risk, you need to be prepared, for God’s sake please listen to me and then those risks are realized, it does make you feel a little better.

  • #40230
     jsm725 
    Participant

    Another thing to consider…will these type of attacks tilt public opinion to favor a governmental crack down on our currently unregulated and uncensored open internet?

You must be logged in to reply to this topic.

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?