The Latest / Data Security News
August 20, 2019
White hat hackers are an important tool for some of the biggest organizations in the world. White hat hackers find the vulnerabilities in systems, in products and in networks for a reward. The white hat hackers get rewarded, and the business find vulnerabilities before it’s too late and damage is done. Best of all, it’s an approach to cyber security that embodies the right spirit. Cyber security requires a pro-active attitude that takes no chance.
At the recent black hat hacker event in Las Vegas, Apple were the latest to seek help from white hat hackers. Apple announced that it would offer a reward of $1 million to anyone who could hack into the iOS software of its latest iPhone. The hackers needed to gain remote access to the core of the software without needing the phone owner to take any action.
Apple have offered such rewards in the past, but to show the growing importance of such tests, or maybe Apple’s confidence in its software, this pay-out is 5 times bigger than any previous prize offered to white hat hackers.
At the same event in Las Vegas, one talk given by James Pavur, a PhD student at Oxford University, gave a great example of the kind of vulnerabilities that white hat hackers and black hat hackers look for.
Pavur found that poor implementation of GDPR, legislation that is meant to protect our data from misuse has actually created a lot of new scenarios in which hackers can gain information.
With the consent of his partner, Pavur went about collecting as much data as he could from companies about her. He posed as his soon to be wife and asked a number of companies to release the information they held on her on GDPR grounds. A worrying number gave up the information without question, revealing personal information like her social security numbers, date of birth and maiden name. One company even provided credit card details. There was an overall lack of attempts to confirm identity in the process.
That’s a worrying trend but hopefully something that will be ironed out as organizations around the world come to terms with the rules and implementation of GDPR. Again, the attitude displayed is not right though. Too often, chances are taken with data. Organizations and those who work within are not diligent enough with their customers security.
Just like white hat hacking testing, Global Data Sentinel takes no chances when it comes to data security. We give your data the highest protection at all times. Find out more here.