Category Archives: Hacken Updates
Nothing in the world could have one hundred percent safety from illegal Interference, especially when we speak about cyber security. However, this fact doesn’t mean that all such businesses should not try to reach the maximum available level of cyber safety. Among the most dangerous threats to modern IT companies, there are so-called zero-day vulnerabilities. The reason is that they could cause the most adverse damage to the businesses or their programs when they are found.
Big Game Hunting
Zero-day vulnerabilities are the composite name for the range of weak parts of the code. They are called zero-day because these weaknesses or holes are exploited by hackers before the moment when vendor acknowledges about them and hurries to fix. That’s why zero-day vulnerabilities are called in such a way – someone acknowledges about the weakness of code directly from the report of its abuse by the third person. In turn, bug fix issuing would certainly take some time, so the investigators of a vulnerability, so the initial investigators could abuse it at least for some time.
That is why zero-day vulnerabilities work as a red flag for all unethical hackers, people who make money with illegal activities. Often, the highest amount of money or information is stolen during zero-day attacks because a system or code isn’t prepared to them. To get the better understanding of the threat of zero-days for the cyber security industry, just refer to any loud cyber security scandals of the recent times.
For instance, in May 2017, Wikileaks published more than 8,5 thousands of leaked CIA documents with the code name “Vault 7”. The curiosity of the situation is that a concerning amount of the stolen information contained undisclosed zero-day vulnerabilities of computers, smartphones, and other devices. The agency uses them to compromise the devices and their users in case of necessity. Additionally, the irony is that all these documents were leaked to the web due to some zero-day vulnerabilities in CIA cyber security system. From this short and understandable example, the role of zero-day vulnerabilities and attacks could be easily understood.
Changing the Rules of the Game
The above information proves that zero-day vulnerabilities are top tier threats for the whole cyber security industry. So, could cause extremely adverse results. That’s why there is a strong necessity to come up with an answer to zero-day attacks. The nowadays cyber security community offers zero-day remuneration for those who would report them without abusing. Mainly, this message is targeted on white hat hackers, whose mission is to improve the safety of information in the world. These remunerations are designed to replace the expenses of the vendor in case of zero-day attack.
From this point, it’s crucial for the industry to have a sufficient number of white hat hackers who would be attracted in zero-day researches. The problem would never become less actual because new vendors enter various markets on a daily basis and become the new potential victims. Cyber security issues fixing is a hard and long-lasting process, which require huge efforts from a white hat hacker.
Collaboration is the Cure
It would sound peculiarly from the first sight, but the more people would be involved in a zero-day research project, the more successful would be results of it. Obviously, it’s crucial to control the members of the team, so there would be no black hackers there. However, one thing is undoubted – collaboration shows far better results. With these purposes, the cyber security industry reacted on the challenge of fixing zero-day vulnerabilities by offering remunerations for those white hat hackers, who would report on them.
These zero-day compensations are aimed to encourage the desire of white hat hackers in finding the vulnerabilities in the code. The biggest problem of zero-day researches is the fact that the majority of them are previously undisclosed and unrewarded. These characteristics lead to the point that it is not an easy task to find all of them. Therefore, the remunerations system is essential for the global overcoming of the zero-day threat.
Punishment for Assistance
Strangely, the history has some cases, when white hat hackers were accused of abusing zero-day vulnerabilities, even when they reported about them accordingly. The most widespread statement about zero-days on the Internet is that no one speaks about zero-days in any context. Otherwise, the person could be accused of abusing it, which leads to negative events in his or her life. This point of view and attitude is stated by multiple media of IT and cyber security industries in Europe and USA. To make the cyber security and zero-day threats less dangerous, it is necessary to change that stereotype and create mechanisms for reporting these vulnerabilities without being under the investigation of abusing them.
To support the argument, it would be proper to refer to some cases. The biggest Ukrainian bank, PrivatBank, sued a white hat hacker, who found a zero-day vulnerability in their program and managed to transfer a test amount of money to his account. After this, he reported to the bank administration about disclosed zero-day vulnerability and showed the proofs. He promised to return the funds and claimed to be a white hat hacker, who was willing to help and earn money by eliminating such vulnerabilities. However, PrivatBank sued him for cyber crimes and won the case.
Hacken Support White Hackers
Understanding the challenge of white hat hackers in disclosing zero-day vulnerabilities, it is crucial to mention that any single report is a possibility to be sued by the company. From this point of view, it is obvious why not all of the cyber security professionals are keen on working with zero-day reports. However, Hacken ecosystem and cryptocurrency of the same name is designed to solve the problem. Hacken Zero-Day Remunerations Platform is designed entirely for the needs of better zero-day vulnerabilities disclosing. The project would create a concerning fund from the token sale, which would be then rewarded to the zero-day reporters. The company even started activities in seeking of the best white hat hacker candidates for the platform. For these purposes, the company launched an annual cyber security competition HackIT.
White Hat Hackers would be granted with anonymity in their activity inside the described ecosystem because of Hacken cryptocurrency usage as the only reward method available. Clients of Zero-Day Remuneration Platform would be granted with the opportunity to work with the community of professionals. It’s based entirely on the principles of fair share, crowdtesting, and ethical concerns of the industry promoted by the platform.
Join Chat with Hacken: https://t.me/joinchat/B48AhUL2iPblaEcQ-qRqYQ