While the unethical hackers of the world look for security vulnerabilities in everything from routers to PIN-pads, the ethical hackers at Trustwave try to beat them to the punch. The cyber-security firm officially opened its ethical hacking lab this summer at its Chicago headquarters.
The lab's hackers test a variety of "commonly exploited technologies," including ATMs, routers, webcams and PIN-pads used for retail purchases. Some of the devices they check for vulnerabilities are there at a specific client's request, while others were bought off the shelf by Trustwave itself.
The goal of every hack at the lab is to try and find a potential problem before malicious hackers do, then look for ways to improve security and reduce the chances of a breach.
Fast-Growing Security Threats
We reached out to Trustwave hacker Matthew Jakubowski to learn more about what "ethical hacking" at the lab involves.
"We're able to take a deeper look at consumer-based electronics," Jakubowski said. As devices like cellphones and webcams become increasingly powerful, he said, their systems become more complex, which leaves more potential avenues for security breaches. With an Internet-connected webcam, for example, it can be possible to access the device remotely and use it to take pictures without the owner's knowledge.
"It's not really a surprise anymore in what we're finding," Jakubowski said. The lab's biggest revelation, he said, has come from seeing just how quickly the number of cyber-security threats is growing.
Not all the vulnerabilities the lab has discovered require super computing skills, though. Some have involved more old-school security failures, like failing to change the lock on an ATM after it has changed hands. In one case, Jakubowski said, the lab was able to break into an ATM by buying a key online for $12.
This article has been extracted from http://www.toptechnews.com/, please click on this link to read the article in full http://www.toptechnews.com/article/index.php?story_id=020000MITTY8
Montash is a multi-award winning, global technology recruitment firm. Specialising in permanent and contract positions across mid-senior appointments which cover a wide range of industry sectors and IT functions, including:
ERP, BI & Data, Information Security, IT Architecture & Strategy, Energy Technologies, Demand IT and Business Engagement, Digital and E-commerce, Infrastructure and Service Delivery, Project and Programme Delivery.
With offices based in London, Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid-management in permanent and contract roles.