White Hat Hackers Are the “Good” Kind of Hackers

Living the digital lifestyle we all live, you can’t check the daily news without seeing a story about someone or some company getting hacked.

Wednesday we learned that the website for the Washington State court system was hacked and up to 160,000 Social Security numbers and a million driver’s license numbers may have been accessed.

Also this week, the author of the Sex and the City books, Candace Bushnell, was hacked. A section of her new, unreleased, book was lifted and pushed out through Twitter by a hacker named Guccifer who also famously hacked George Bush Senior, Hilary Clinton and Colin Powell.

But not all the hackers out there are bad. The Seattle Times recently did a story on the good guys, called White Hat Hackers. One of them is Mikhail Davidov, senior security consultant with Seattle’s Leviathan Security.

“White hat hackers are typically consultants like myself that companies hire to actually come in and evaluate their hardware and software products for security vulnerabilities before malicious attackers have a chance to do so themselves.”

These hackers know everything the bad guys know, only they use their talents for good instead of evil.

“This industry is still extremely young. It used to be a very, very bad thing to be called a hacker, but now it’s coming into a more and more positive light because we’re the good guys. We’re able to do what the bad guys can do but often times better.”

They do their jobs so well, in fact, that companies often get upset about all the flaws and holes Mikhail finds in their systems.

“People that come to us looking for just a check box usually come out very angry and usually it ends up delaying their products.”

He says Leviathan is one of only about 20 white hat hacker firms in the US and many of them are concentrated in Seattle.

Mikhail had to wake up early for our interview, scheduled for 11 o’clock Thursday morning. Fresh faced, with a purple mohawk, he says he usually stays up all night hacking, sleeps until noon and mostly works from home. His hacker tendencies started as a child.

“I got my start trying to cheat at video games. I slowly started taking those apart, manipulated them to actually get higher scores.”

And by the time he was a teenager, he’d moved on to bigger prospects.

“I got into the security community in Seattle at a pretty young age. In high school I caused a bit of trouble. I accidentally ended up taking down the entire school’s network during final’s week and they were not too happy about that.”

But thinking out of the box is definitely encouraged.

“We do not care if you have a college degree to work here. I’m one of the few people that actually does have a college degree, in this company.”

The company is currently doing work for DARPA, a research arm of the US government, but as far as the other companies he’s protecting against the bad guys…

“Unfortunately we cannot talk about who we actually do work for. Due to the nature of our work, a lot of people do not want [the public] to know that we actually work for them. But if you’ve purchased a computer in the past four or five years, there’s pretty much definitely a chance that I’ve looked at either some hardware or software components of that.”

He offers up some advice on how you can protect your own computer.

“I would always recommend installing Microsoft Security Essentials as well as EMET which is a security hardening tool provided by Microsoft. Mac people? They’re on their own.”