Your system’s weak till it’s hacked

Written By Dhananjay Khadilkar | Updated:

Between them, they had enough tricks to break into any computer network in the world.

Ethical hackers gather in Pune to discuss ways to beat their malicious cousins

PUNE: Between them, they had enough tricks to break into any computer network in the world. Yet when the 100-odd hackers met in Pune on Sunday, the first, and possibly the last, thing they had in mind was the most effective means to block their cousins from the dark from sneaking into corporate and government networks. The main aim of ClubHack 2007 is to dispel the notion that hacking is always a malicious act.

“It isn’t and that’s why we are particular about calling ourselves ethical hackers,” said Chetan Gupta, who works with anti-virus software major Symantec and describes himself as ‘certified ethical hacker’. “Hacking is nothing but exploring a computer and its associated systems.” Gupta, who doubles up a cyber forensic expert for cyber crime departments of various police forces, showed in his presentation how to mine digital evidence from Microsoft Windows. “Hacking is critical to a programme since it helps in assessing its vulnerabilities,” Gupta said.

All major software companies employ ethical hackers who are given a free run on new programmes and codes so that loopholes are detected and plugged. It’s only when the ethical hackers have had a complete look in, and the vulnerabilities fixed, that a new software programme hits the shelves.

Israeli security expert Dror Shalev said hackers play a crucial role in developing a good product. “Would you buy a car that breaks down frequently,” Shalev asked, explaining that ethical hackers save millions of dollars by ensuring that precious databases and information are not compromised. “Hacking is as lucrative as any other job,” said Shalev, who made a presentation on a Trojan virus that links itself to a local area network.  Turn to back page, p22

“Those of us who do clean, constructive work for security firms do it for the love of programming and not money,” he said.

Shalev said the thought of making money hardly crosses the mind of an avid computer enthusiast. “Look at me, I am not a rich man,” he said. But sources in software companies say that the annual packages of ‘ethical hackers’ are in the range of Rs5-15 lakhs, depending on the expertise and experience.

Ethical hackers come to know about vacancies in companies through advertisements for malware experts and security experts. Rohit Srivastwa, founder of ClubHack and the organiser of the convention, said hackers are an integral part of every security firm. “Digital data is extremely fragile. As a result, hackers continually test programmes for vulnerabilities and help in making them safe,” he said. “We want to make security common sense.”