White hat hackers are those unsung sentinels either loved or detested in the security space. While some of them are bug bounty hunters who’ve spotted a weak link in the chain before the bad guys exploited it, some others are anonymous who put the government in an embarrassing spot.
We take a look at the four white hats who shot into the limelight this year.
1. Baptiste Robert, aka Elliot Alderson: French white hat hacker, Baptiste Robert breached Telangana government’s benefit disbursement portal, TSPost and exposed Aadhaar details of 56 lakh NREGA (National Rural Employment Guarantee scheme) beneficiaries, and an additional 40 lakh SSP (Social Security Pensions) legatees.
Robert, who goes by the pseudonym Elliot Alderson on Twitter, shared the exposé on his account and said, “In theory, a government website is very secure, but in India it’s another story.”
Sharing his modus operandi, Robert revealed that he carried out a basic Structures Query Language injection (SQLi) to penetrate the site.
2. Sahad NK: In a revelation of serious consequence, Indian security researcher and bug bounty hunter Sahad NK discovered that a series of vulnerabilities strung together made it possible for hackers to hijack just about any Microsoft user account – right from Outlook emails to MS Office documents.
In his blog, Sahad revealed that during the initial recon, he retrieved the list of all possible subdomains of Office.com pointing to numerous Azure instances.
3. Anand Prakash: The 23-year old shot to fame after bagging an impressive Rs 1.2 crore for finding bugs in Twitter and Facebook.
Prakash, who featured in the 2017 Forbes 30-under-30 Asia list, believes the best way ahead is to tap into the immense potential that lies within the country, rather than curb these 'out-of-the-box' thinkers.
4. Benild Joseph: The 25-year-old renowned white hat hacker is listed among the top 10 ethical hackers in India by Microsoft social forum and silicon Indian magazine.
Joseph has discovered critical vulnerabilities in popular websites including Facebook, Yahoo, Blackberry, Sony pictures, Tesco, AstraZeneca, Vodafone, and Deutsche Telekom.