You would be excused if your image of a hacker conjures up images of a guy, with a hoodie pulled over his head half obscuring his eyes, in a dark basement with the only light coming from the computer screen , on which you can see “access denied” until he enters a mystery passcode which suddenly gives him access to a treasure trove of sensitive, personal client information, which he goes about copying with the sole purpose of selling, while simultaneously releasing a virus into the company network designed to corrupt all files and release client names and addresses.
However, just as reality never turns out to be like you imagined, hackers are not as portrayed in well know Hollywood movies or series such as Mr Robot, WarGames or the original Hackers movie. Instead they could be the 16 year old you see crossing the street or that lives down the road, just a typical teenager who apart from gaming and finishing the last couple of years of school, hacks by finding vulnerabilities in certain technologies that can be exploited for the sole purpose of being able to say “I did it” and to mess with friends.
This precisely describes Marcus Weinberger, a 16 year old ethical hacker from the UK, who considers himself to only be a beginner, but who has nevertheless mastered significant skills, knowledge and understanding of cybersecurity programmes and checks, which he successfully breaches through sophisticated maneuverers which skill he furthers by writing his own programmes and tools on which he leverages his work.
Marcus did not attend a specific school or complete any specific computer programme course that lead him into the world of hacking, instead after seeing it on a movie and thinking it was “cool” he pursued it further, teaching himself how to execute penetration testing, security assessments and audits.
Marcus confirms that there are thousands, if not hundreds of thousands, of hackers out there with most hackers pursing a financial gain and ultimately looking to take advantage of and steal from people. The motivation and reasons behind hacking were recently outlined in the 2019 Hacker Report, compiled by Hackerone, which confirms that financial gain is a part of why hackers hack. (Hackerone, 2019)
So, what is the most vulnerable company asset? Its information. As Marcus explains, “whoever has the information has access to everything”. This is precisely what makes law firms such a susceptible target. What better place to access private information than from a law firm, who in terms of the Financial Intelligence Centre Act 38 of 2001 is an accountable institution who is obliged to keep accurate records of a clients identity and personal details whenever establishing a business relationship or concluding a transaction with the client such as when providing legal advice and/or services. Marcus confirms that “[h]ackers target law firms because, rather than go after a single business with just its information, they may as well go after their lawyers who hold information on them and hundreds or thousands of others as well”. Law firms are a lucrative target to say the least.
Many companies are inclined to think that they are highly cyber secure, however remember reality is never as imagined. Marcus makes it clear that “Companies are not even close to being as cyber secure as they think they are” and recommends that all companies should do more, implement more security systems and procedures as well as do more training themselves on hacking and what vulnerabilities there are in so far as information systems are concerned.
Join Marcus Weinberger and the Futures Law Faculty, in partnership with IEIT Holdings, Cyberlogic, Cog3nt and Nuventiv,in discussing the importance of cybersecurity, with a live demonstration by Marcus illustrating the ease with which a system can be compromised, followed by a discussion on Cyber Security with cybersecurity expert Cobus Jooste on 24 October 2019 at 18:00, Inner City Ideas Cartel, 71 Waterkant Street, Cape Town.
For more information see – www.futureslawfaculty.co.za or to buy tickets – https://www.quicket.co.za/events/77143-hacking-cybersecurity/
Author
Kristi Erasmus
Head of Futures Law Faculty