17 August 2018


Some of the Secarma ethical hacking team at DefCon in Las Vegas last year.

When you think of hackers, what do you think of?

I wouldn’t be surprised if your reaction was that they’re the bad guys! However, you’d be wrong. Many hackers are incredible researchers who are at the very cutting edge of the latest technologies. They’re uncovering and reporting vulnerabilities before they can be exploited by people who are up to no good.

We’re constantly trying to evolve security on the internet; it’s our mission. And what better way than by joining forces with those at the very coal face? A few years ago we acquired a small business of ethical hackers. This team became the larger Secarma team – UKFast’s cybersecurity sister company, specialising in finding the flaws that hackers could use for malicious gains.

Using the same methods as cybercriminals, ethical hackers find the flaws in your security. But rather than using them for their own gain, they flag them with you and help you to secure your systems.

This week, one of the security team at Secarma spoke at one of the cybersecurity events of the year, highlighting a flaw he discovered in WordPress. The flaw has the potential to affect 26% of the entire internet and 30% of the top 1000 websites.

On discovering the flaw, the researcher, Sam, flagged the issue to WordPress, but the site is yet to action a fix. A full whitepaper about the research can be found on the Secarma site.


One of the most important parts of an ethical hacker’s job is research. All too often security companies see ethical hackers as a team to plough through client after client, case after case. In fact, having what are known as ‘white days’ is essential. This is time to research the latest techniques, to stay up to speed with the industry and to find flaws elsewhere that we can learn from. It’s also an opportunity to help secure the wider internet world. In this case, WordPress have the opportunity to fix a flaw that has real potential to affect a huge number of sites.

Not only does research like this help us to improve our clients’ security, it also helps to secure the rest of the internet. That’s no mean feat!

We’re currently recruiting for 20 more ethical hackers to join the Secarma team, to work alongside our team on client work and research like this. Get in touch if you’re interested.

