Speaking in the guest keynote at the Gartner security summit in London, security researcher and self-declared hacker Keren Elazari said that the security landscape has evolved to a point where hackers are needed, as cyber-criminals seek new ways to earn money.
She highlighted the emergence of cryptomining efforts and software, particularly in the cases of Starbucks and Tesla, and said that while ransomware was last year’s trend, it was “not time to say goodbye.”
As well as her role model, Angelina Jolie’s character from the 1995 film Hackers, she praised Marcus Hutchins as the “savior of WannaCry”, Barnaby Jack and those who built tools including Shodan, Metasploit and haveibeenpwned.
She said: “I grew up as a hacker and didn’t think I was doing anything wrong, and didn’t imagine myself as a hoodie-wearing hacker, I was a creative and curious child and was always asking questions until 1993 when the internet came to Israel.”
Elazari said that “a world of hackers” need to be enlisted, as the “world is more complicated than before and we cannot do what we did in the past” and that is why an immune system is needed.
She said that this includes deploying bug bounty programs and tapping into hacker conferences like DEFCON, where she said she “sees 30,000 talented individuals.”
Concluding with predictions, she said that cyber-criminals are continuing to evolve “and go big and upstream” using evasive attacks with legitimate tools which exist in the infrastructure. This means that better strategies to deal with attacks and response should be created.
She also said that decisions need to be made on who stands on the front lines, as every day users and individuals “make hundreds of security decisions every day,” and while many are assisted and helped by brilliant security officers, they need the tools to make better decisions.
“Some are based on machine learning and algorithms, and help defend organizations better,” she said. “The future will be defined by conflicts between humans and machines, but how do you enlist help as humans will always outsmart machines - bring the hacker mindset into your organization and you can start today.”