The wisdom of white hats

Hackers can be an enterprise's best friends when it comes to identifying its Achilles' heel, says Sathya Mithra Ashok

By Sathya Ashok. Published April 9, 2008

When the police come up with a brilliant plan to catch more criminals, you can bet your last dollar that some criminals have already figured out a way around it. Enterprise security is not very different.

Consider this. Researchers recently unearthed what could be the biggest botnet ever. The core software, called Kraken, is believed to have infected 400,000 machines already, and that number is expected to rise to 600,000 in the next two weeks. With code that morphs, Kraken has managed to evade conventional security systems, such as IDSs, IPSs and firewalls, and has infected machines at nearly 50 of the Fortune 500 companies. What is scarier is that, according to initial estimates, only around 20% of anti-virus programs have been able to detect it.

So what can an enterprise do in the face of a danger that evades even the best security measures? The answer might lie in seeking the help of the people whom popular perception has always relegated to the bad boys' section of the cyber community: hackers.

A combination of a well-developed understanding of how most systems work and a constant search for chinks in their armour makes hackers some of the most knowledgeable people on enterprise security. This is why enterprises have used hackers to test their systems and identify vulnerabilities since the 1970s.

These hackers, known as ethical hackers or sometimes 'white hats', approach a system the way their more malicious peers would and try to identify weaknesses in systems and software. The crucial difference is that white hats report what they find to the organisation in question instead of using it to compromise its systems. In this way, they can become powerful aides for proactive defence within an enterprise.

The work done by ethical hackers has, however, been largely confined to massive organisations that take their security pretty seriously (like the military), or to the R&D labs of huge technology firms. In the Middle East, white hats remain largely unheard of, and I have not personally heard of any enterprise, however large, employing them in the region to understand individual system risks. (Of course, some firms do run intensive risk assessment processes with consultants and service providers, but none have an ethical hacker on their payroll working full-time for the firm.)

Events like the soon-to-be-held Hack in the Box Security Conference (HITBSecConf 2008) in Dubai try to address this lack of hacker knowledge among Middle East enterprises by bringing together some of the better-known security names in the world to describe and discuss how systems can be compromised.

The highly detailed sessions of the conference, which will be held between 14 and 17 April 2008, will tackle everything from cracking GSM encryption to hacking the Bluetooth stack, VoIP insecurities, getting into embedded devices and virtualisation-related security issues. Any technology is only as strong as its weakest link, and by highlighting the specific weaknesses of connectivity technologies and internal enterprise networks, the sessions of HITBSecConf 2008 aim to help enterprises and service providers establish and maintain stronger, more secure networks.

Just to set expectations: these people might not be able to help you specifically with Kraken. But they can certainly help you understand the mind of the malicious attackers out there and the potential limitations of your systems, so that you don't fall victim to the next Kraken that appears on the block. Reason enough to attend the conference, I would say.
