
Meet the man with 1.7 mn hackers on his books

Mårten Mickos, CEO of HackerOne, talks to SC Media about his relentless hunt for 'good hackers' 

Hackers are often portrayed in a negative light. The current Mirror Group phone hacking trial is a case in point. But there are positive examples too, such as recent reports about Ukrainian hackers fighting a cyber war with Russia.

According to Mårten Mickos, CEO of HackerOne, a security and bug bounty platform, ethical hackers are about to rise to “even greater importance” in a world of deep fakes and rising identity theft.

And with 1.7 million ethical hackers on his books – discovering over 65,000 software flaws in companies such as Grammarly, Zoom, PayPal and Google – Mickos knows what he is talking about.

As global geopolitical hacking fears scale new heights, Mickos is confident that the global number of ethical hackers outweighs the criminals targeting the west from countries such as Russia, Iran and China.

“It’s safe to say, as an estimate, there are still more ethical hackers than criminals. Even if there are 100,000 criminal hackers in China, that remains the case,” Mickos tells SC Media UK.

“There are more good people than bad people – it’s a race against time. It will soon become difficult to discern what’s real and what’s not with the rise of deep fakes. So authentication and fact checking will become routine.

“In the past, we might have laughed at poorly-constructed phishing emails from Nigeria but ChatGPT will write beautiful, personalised messages. Deception will rise to a whole new level.”

Mickos says ethical hackers are set to play an increasingly critical role in global defence.

“As well as finding bugs, they will be ready to do the work to find algorithmic bias and AI hallucinations,” he explains.

So, what does a hacker look like?

Mickos says the stereotype of a male hooded-hacker in a basement may not be entirely fabricated.

“Most stereotypes are built on at least a grain of truth. The cliche of the white male is true to a certain extent. Half of our hackers are 24 years or younger and most of them are men.

“The majority hail from markets with good STEM education and pervasive internet, such as India, South America, North Africa and even Turkey.”

The defining characteristic of a hacker is ‘curiosity’, says Mickos.

“They just want to figure it out. Hackers get so much criticism in the press but they are very pure people – I don’t even know an unethical hacker. They are the most idealistic people on the planet.”

Ethical hackers don’t receive salaries as such, but rewards or ‘bounties’ for finding bugs and vulnerabilities. They often look for bugs outside the realm of their standard pay check job, says Mickos.

HackerOne has doled out $250 million in rewards since its inception in 2015.

The bug-hunting company, which has around 3,000 customers, expects to see its client base ramp up in the coming years.

“The reality is we have a frightening model – people don’t want to know about their weaknesses. Once they realise they have a problem, they know they have to fix it. But reality needs to be faced to build resilient defences.”
