How To Hire A Hacker - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
IT Leadership // Team Building & Staffing
News
6/28/2012
01:15 PM
Connect Directly
LinkedIn
RSS
E-Mail
100%
0%

How To Hire A Hacker

Hackers might have shady pasts, but they can also bring a lot of IT expertise to the table. Should you consider hiring one?

Who Is Anonymous: 10 Key Facts
Who Is Anonymous: 10 Key Facts
(click image for larger view and for slideshow)
They're the bane of the IT security professional's existence when they're on the wrong side of the law, but the truth is, hackers often understand the nuances of network security better than your average CSO. So is it safe to bring a hacker into your IT team?

According to Shane MacDougall, there are pros and cons to hiring a hacker. MacDougall is a partner at Canadian security consultancy Tactical Intelligence, a hacker at the DEFCON Hacking Conference, and last year's winner of Social-Engineer.org's The Schmooze Strikes Back hacking contest.

"Every IT department needs to hire an ethical hacker," says MacDougall. But his advice comes with a warning: "You really do need to check the background on who these people are, who they've been hanging with, and who their crews are." MacDougall offers these tips for hiring a hacker that's right for your IT shop:

Ensure a good fit. No two hackers' skill sets are exactly the same. For this reason, MacDougall recommends that you carefully consider why you need to hire someone in the first place.

For example, if your company is focused on programming, MacDougall says, "Somebody who has a lot of background in breaking applications is a desired skill." On the other hand, a network operations center might look for a network ninja who is handy with lots of network sniffing tools. Finally, if your company needs a systems administrator, a hacker who has broken into systems and who knows how to find the holes within various servers and where vulnerabilities exist might be the best bet. "They're all very unique jobs and they all take very unique skill sets," says MacDougall.

[ Read more about the government's use of malware for security purposes. See Was U.S. Government's Stuxnet Brag A Mistake? ]

Be prepared to embrace open source. Most hackers are open source enthusiasts--a plus for companies who need to stretch IT resources. "It's advantageous to have someone who is familiar with open source tools because they're a lot easier to deploy in a lot of organizations, and it can make a company a lot more agile in terms of software development and network administration," says MacDougall.

Still, for hackers to put their open source skills to good use, MacDougall says, "It's critical that senior management has bought into open source or that you have a visionary CTO or CIO who says open source is the way we want to go." Without this leap of faith on the part of an IT leader, according to MacDougall, a hacker's open source prowess will simply go to waste.

Limit time spent underground. One of the most impressive things a hacker can bring to the table is access to an elite--and often underground--network of IT whiz kids. But while this brain trust can prove useful, MacDougall warns, "If the hacker is involved in the underground scene and frequents a lot of forums and IRC chats, you still need to be very cautious. You can get a lot of blowback."

For example, MacDougall points to the hacker who spends hours plumbing forums for tidbits on "zero-day" attacks. "I have to seriously question the value of spending all that time underground," he says. Rather, simply paying for services that track traffic and monitor data logs frees up a hacker for more important tasks.

Revel in the D.I.Y. spirit. Years spent breaking down systems and cracking passwords teach hackers a thing or two about being resourceful. This is just the type of scrappiness that cost-conscious IT shops will appreciate. After all, says MacDougall, "A lot of freeware and open source programs can let small IT teams do a lot on a fairly small budget."

Test for authenticity. Checking references isn't always an option when it comes to hiring a hacker. "It's a judgement call," warns MacDougall. "You have to tread very carefully, especially if that someone professes to be a hacker--a good hacker is never going to tell you that they're a hacker. How many bank robbers introduce themselves as a bank robber?" Instead, MacDougall advises using online hacker challenges to test a prospect's breaking and cracking skills.

Black Hat USA Las Vegas, the premiere conference on information security, features four days of deep technical training followed by two days of presentations from speakers discussing their latest research around a broad range of security topics. At Caesars Palace in Las Vegas, July 21-26. Register today.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Page 1 / 6   >   >>
andder0
50%
50%
andder0,
User Rank: Apprentice
5/27/2020 | 10:06:44 AM
Pending Review
This comment is waiting for review by our moderators.
andder0
50%
50%
andder0,
User Rank: Apprentice
5/27/2020 | 9:58:31 AM
Pending Review
This comment is waiting for review by our moderators.
Hire A Hacker
50%
50%
Hire A Hacker,
User Rank: Apprentice
5/16/2020 | 5:04:20 AM
Pending Review
This comment is waiting for review by our moderators.
Hire A Hacker
50%
50%
Hire A Hacker,
User Rank: Apprentice
5/16/2020 | 4:36:35 AM
Pending Review
This comment is waiting for review by our moderators.
alphadata
50%
50%
alphadata,
User Rank: Apprentice
4/22/2020 | 3:36:22 AM
Re: Pending Review
Businesses in Dubai are not sparing any efforts to tap viable avenues to boost income and boom, and the state-of-the-art trend is that companies specialising in huge facts are unlocking possibilities to examine consumer preferences, loyalties and any segment in order to help boost purchaser numbers.

Big Data is a term that describes the massive volume of information - each established and unstructured - that inundates an enterprise on a daily basis. But it's not the amount of information it really is important: it is what firms do with the statistics that matter. Big data can be analysed for insights that lead to higher decisions and strategic business moves, in keeping with the definition given by using SAS Institute.

Big Data analytics for e-commerce

The e-trade market within the Middle East location is developing at an unprecedented price, with industry reports indicating MENA vicinity to be the fastest-developing vicinity in the international for e-trade, with an annual growth rate of 25% and UAE, in particular, is set to be on a high increase trajectory.

Dubai, United Arab Emirates: With the permeation of technology, purchasers are leaving digital footprints as they save on line, giving retailers a repository of statistics to work with.

Ecommerce constitutes a big portion of the retail sales with customers opting to save from e-trade channels in place of brick and mortar stores.

The Alpha Data e-commerce market in the Middle East place is developing at an unprecedented price, with enterprise reviews indicating MENA area to be the fastest-growing place inside the international for e-trade, with an annual growth charge of 25% and UAE, in particular, is about to be on a high increase trajectory. It is currently positioned as the MENA region's fast-developing e-commerce market, intently followed by means of Saudi Arabia.

In mild of this growing preference, e-commerce providers are counting on analytics and records science to understand the shopping pattern in their customers, offer them personalised offers to ensure customer base to drive more and more sales and create a dominance in the industry.

Retailers can use the crucial statistics sourced from the beyond to effective use for predictive modelling, buy rationale modelling, and other essential insights a good way to make a giant impact on the enterprise.

Most of the boom in retail is expected to return from online channels. Given the e-commerce market's burgeoning increase in the MENA place, a panel of problem matter specialists at the upcoming Smart Data Summit will speak how the contribution of analytics is essential for increasing online revenue and the importance of predictive analytics in driving the growth of this enterprise.

Big Data Analytics Dubai - Applications

UAE has seen a major change in its infrastructure for IT. All the big data companies in Dubai, their strategies revolve around mobility services, sopping experiences, traffic management and event experience.

This massive data bandwagon incorporating BI tools, real-time records mining & analytics enable to reap extra success

Jerry004
50%
50%
Jerry004,
User Rank: Apprentice
4/16/2020 | 4:40:11 PM
Pending Review
This comment is waiting for review by our moderators.
Martin_sales
50%
50%
Martin_sales,
User Rank: Apprentice
3/30/2020 | 11:03:48 AM
Pending Review
This comment is waiting for review by our moderators.
Gabrael
50%
50%
Gabrael,
User Rank: Apprentice
3/20/2020 | 6:49:10 AM
Pending Review
This comment is waiting for review by our moderators.
Sophiewilliams202
50%
50%
Sophiewilliams202,
User Rank: Apprentice
3/12/2020 | 4:57:51 AM
Pending Review
This comment is waiting for review by our moderators.
MalcomWillis
50%
50%
MalcomWillis,
User Rank: Apprentice
3/10/2020 | 9:38:20 PM
Pending Review
This comment is waiting for review by our moderators.
Page 1 / 6   >   >>
Slideshows
IT Careers: 10 Industries with Job Openings Right Now
Cynthia Harvey, Freelance Journalist, InformationWeek,  5/27/2020
Commentary
How 5G Rollout May Benefit Businesses More than Consumers
Joao-Pierre S. Ruth, Senior Writer,  5/21/2020
News
IT Leadership in Education: Getting Online School Right
Jessica Davis, Senior Editor, Enterprise Apps,  5/20/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Key to Cloud Success: The Right Management
This IT Trend highlights some of the steps IT teams can take to keep their cloud environments running in a safe, efficient manner.
Slideshows
Flash Poll