You may have heard of the saying, ‘It takes a thief to catch a thief.’ Here at Newsflash Online, we know that sometimes it takes a hacker to expose an IT system’s vulnerabilities – which isn’t quite as catchy but still represents an important part of many organisations’ security strategies.
Essentially, hackers are paid a ‘bug bounty’ when they identify and report a security weakness to an organisation that is part of the HackerOne programme. There are more than a thousand such organisations, including the likes of Twitter, Verizon, Google, Nintendo and even the US Department of Defense.

19-year-old becomes first to make $1m
Now, a self-taught teenager from Argentina has become the first individual to make a million (in US dollars) from the legal hacking programme. 19-year-old Santiago Lopez started searching for vulnerabilities in 2015 and has since reported more than 1,600 security flaws.
More than 330,000 hackers are participating in the programme, but Lopez, who goes by the hacker handle @try_to_hack, is consistently at or near the top of the HackerOne leaderboard.
He said: ‘To me, this achievement represents that companies and the people that trust them are becoming more secure than they were before, and that is incredible. This is what motivates me to continue to push myself and inspires me to get my hacking to the next level.’
Teenager is a ‘role model for aspiring hackers’
HackerOne’s CEO Mårten Mickos added: ‘The entire HackerOne community stands in awe of Santiago’s work. Curious, self-taught and creative, Santiago is a role model for hundreds of thousands of aspiring hackers around the world.
‘The hacker community is the most powerful defence we have against cyber crime. This is a fantastic milestone for Santiago, but much greater are the improvements in security that companies have achieved and keep achieving thanks to Santiago’s relentless work.’
According to its own annual report, HackerOne has now paid more than $42m in bounties for around 93,000 reported vulnerabilities. In 2017, the programme paid around $9.3m. Last year, the figure had more than doubled to $19m, indicating just how quickly the programme was accelerating.
HackerOne hackers are located in more than 150 countries, though most are concentrated in a handful, including India, Russia, the UK, the US and Pakistan.