Indian hacker turns cyber cop

[InfoSec News <isn () c4i org>]

http://news.bbc.co.uk/hi/english/world/south_asia/newsid_1934000/1934874.stm

[Is the U.S. Govt that hard up for consultants that its hiring 
16 year old former defacers to work as intelligence consultants 
in information security?  - WK]


By Brajesh Upadhyay 
of the BBC Hindi service 
17 April, 2002

The clock had just struck midnight when users logged onto a popular
chat site noticed a rather short message flashing up on their
monitors: "DOS attack".

To the majority, it may not have meant much, but to 16-year-old Ankit
Fadia sitting in front of his PC in the Indian capital Delhi it was a
"Denial of Service" attack - someone somewhere was trying to hack into
a website.

Within seconds, he had managed to track the location of the sender -
from somewhere in Pakistan. Minutes later he had also found the target
of attack - the website of a top Indian firm.

They were soon alerted and a major hack was averted.

Early start

Ankit Fadia is one of the many "ethical hackers" now employed by
businesses all over the world to protect against such attacks.

"It was my first anti-hacking operation and it was successful," says
Ankit, who was only 10 days into a job as an intelligence consultant
with a US Government agency when he saved this website.

He refuses to divulge the name of the agency he is employed by or the
firm whose website he saved for security reasons.

At 14, Ankit defaced the front page of an Indian magazine and sent an
e-mail to the editor confessing to the hack and suggesting counter
measures.

He wrote a book on "ethical hacking" at the age of 15, becoming the
youngest ever author to be published by Macmillan India.

"The term hacking leaves a negative impact on people," he says.

"In reality, hackers are actually good, pleasant and extremely
intelligent people who could keep computer criminals on the run.''

India catches up

Employing ethical hackers to protect against malicious ones has become
common practice in the US, but has only recently caught on in India.

It only really got going when the Reserve Bank of India directed its
banks to use "ethical hackers" last year, according to Pavan Duggal,
President of Cyberlaw.net, a law firm with expertise in cyber laws.

"It was done after several Pakistan-based hackers launched some sort
of cyber war against India and the sites belonging to the Ministry of
External Affairs and the Atomic Energy Research Board were hacked,"  
says Mr Duggal.

However, there is still no organised body to guard against such
practice.

"We don't have a strong legal regime to protect against such
violations," says Pavan Duggal.

As for Ankit Fadia, Pavan Duggal says he is now so well known in the
net community, that there are even some in the corporate world who
fear his success might encourage others to turn to hacking.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.