Three in a boat, not counting the criminal
Posted: Thu Feb 13, 2025 5:14 am
On April 21 in Moscow, the business club "Hacker, Vendor, Client - Security Without Cuts" discussed the information security of consumers and corporations from an unexpected (offensive, or hacker) side. The discussion covered how to ensure information security without damaging privacy, how thin the line is between law-abiding hackers and cybercriminals, and whether it is ethical to create potentially extremely destructive cyber weapons while serving in the government.
The tone was set by Gleb Cherbov, Deputy Director of the Audit Department at Digital Security, who defined a hacker as an enthusiast captivated by a passion for learning about technology, exploring the world of technology simply for fun. I would like to point out that enthusiasts operating outside the corporate framework are a natural asymmetric response to corporate and government cybersecurity departments, whose specialists still come at 9 and leave at 18.
Participants in the discussion "Black-, White-, Gray-hat, is there a difference?" (IS specialist Oleg "090h" Kupreev, SolidLab director Andrey "petand" Petukhov, deputy director of the security audit department of Digital Security Gleb Cherbov, equipment IS specialist Lev "Shadowsoul", web application IS specialist of ONSEC Anton "Bo0oM" Lopanitsyn, independent IS expert Alisa) agreed that there is de facto no border and that many hackers are on both sides at once, for example receiving money for submitting vulnerabilities to legal bug bounty programs while selling databases obtained by exploiting vulnerabilities on the "black" market. This alarming unanimity makes one think about how to control hackers as a "live" cyber weapon. Without strong moral boundaries, cyberspace may never emerge from its current Wild West state, where a criminal does not fear the sheriff of the country where he has left his mark, only because he is already out of reach - in the territory of another country that does not cooperate with the country where the crime was committed.