June 15, 2011 at 5:46 pm #6495
With groups like Wiki-leaks, Anonymous and LulzSec popping up in the news almost everyday, I wanted to get a feel from the ethical hacking community on what we see as their role. Do they help? Do they hurt?
On one hand they help me sell work. My clients see this stuff on the news and might decide to get serious about stuff I have been pitching. They are forcing companies to deal with security issues.
On the other hand, what they are doing is illegal and might make people who don’t understand the nuances between white, grey and black hat hacking turn against us altogether. If I start getting FBI agents knocking on my lab door because I am running a legitimate external scans on a range of client IP’s, my prices are going up.
What do you think eh-net?
June 15, 2011 at 7:11 pm #40227AndyB67Participant
Too many of the companies out there seem to be playing loose with security and our data. Ok, the software they are using in most cases is flawed but there’s no reason not to have a robust patching and security policy in place to minimize the risks.
I give regular briefs to the users in the company I work for (as an information manager) stressing about the need for data protection, good password policy and the rest of the good stuff that they should do. I’ve had a user come up to me after one brief and ask if it was possible to bypass/remove the encryption on his works laptop as it made it ‘run slower’!!
All the high profile hacks going on at the moment and things like the bigger fines that the Information Commissioner is slapping on data protection breaches in the UK is giving me good ammo when I go out and preach to the unwashed masses
June 15, 2011 at 8:17 pm #40228cd1zzParticipant
While I don’t condone their activities, I think it’s great for business like you said above. It is hard enough to get people to pay attention to security but with major headlines, your clients begin to listen. I find it highly entertaining as well to watch this stuff unfold.
June 15, 2011 at 9:34 pm #40229
*disclaimer* Although the attacks are illegal and break the “ethical grey hat” rules of no disclosure…/*disclaimer*
When you preach this is an imminent risk, you need to be prepared, for God’s sake please listen to me and then those risks are realized, it does make you feel a little better.
June 16, 2011 at 1:13 am #40230
Another thing to consider…will these type of attacks tilt public opinion to favor a governmental crack down on our currently unregulated and uncensored open internet?
You must be logged in to reply to this topic.