Information Security News mailing list archives
Hackers Not Wanted for Hack Job
From: InfoSec News <isn () C4I ORG>
Date: Thu, 28 Sep 2000 03:45:35 -0500
http://www.wired.com/news/business/0,1367,39093,00.html Reuters 9:20 a.m. Sep. 27, 2000 PDT LONDON -- A British IT company launched an anti-hacking unit Wednesday but said some of the best qualified candidates -- the hackers -- need not apply. Guardian IT Plc said IXsecurity, formed from a Swedish company it bought last year, would hack into big corporations -- but only with their consent The unit, which sees itself as capable as a hacker, is trying to tap the rapidly growing market for companies keen to protect themselves from cyber attacks. These attacks, hitting Internet banks, government and defense agencies, Web portals and others, have grown more serious as once stand-alone computer systems become linked permanently to the outside world, despite firewalls, passwords and other defenses. "Companies are putting their business-critical systems out on the Web through an Internet interface and opening themselves up to hackers," said Christer Stafferod, IXsecurity's general manager. Guardian, the second largest data backup company in Europe behind IBM, hopes to turn IXsecurity into a world leader in the nascent market for anti-hacking penetration testing. "We have a strong brand and a massive client list in Europe," said Stephen Bean, Guardian's marketing director. IXsecurity's top anti-hacker Ian Vitek, a former security guard, gave a demonstration of how easy it was to break in. Human sloppiness means that, armed with basic software, hackers can often sniff out usernames on a company's server, run through the commonest passwords and gain access. All it may take is one user with an obvious password -- such as "password" or his own username -- and the hacker is in. Four-fifths of companies IXsecurity tested in Sweden over the last year were successfully hacked. But despite their unparalleled skills, hackers -- at least those who were caught -- won't be welcome to join the company, which hopes to add another 40 people to its small staff. "I am not a hacker and we don't hire hackers. No criminals will work here -- it's a matter of trust for our clients," Vitek said. He said some rivals even paid hackers' court fines in order to tempt them into a job, and condemned this as a practice that would encourage cyber vandalism. IXsecurity plans to extend services to France and Germany next year. One-off anti-hacker tests cost around $10,000. ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Hackers Not Wanted for Hack Job InfoSec News (Sep 28)