Getting inside the minds of ethical hackers
Dan Hatch gets to know some ethical hackers, learning what makes them tick and how they can help businesses by attacking them.

It's "a little disheartening," McLaughlin admits, but the most common mistakes made today like lazy passwords are the same mistakes Wood was pointing out to clients 20 years ago.
Wood advocates the use of passphrases instead of passwords claiming they're both easier to remember and infinitely harder to guess.
"This would, in one stroke, remove the single largest vulnerability we find as internal testers and firms won't do it," he said.
"Beyond that we need to understand that the programs we are running in 2011 are very different in quality from the programs we were running 10 years ago."
As the IT world continues to change, so too do the challenges faced. Three factors in particular have changed the nature of security dramatically in the past year.
"The first is cloud services, the second is consumerisation where staff are increasingly being allowed to use their own equipment in the corporate environment and the third is social networking," Wood said.
IT decision-makers need to look closely at their legal and security requirements before signing up to the cloud, he warned.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
"For instance, if I have personal, identifiable information about citizens in Europe, the Data Protection Act will apply to me," he continued.
"If I arbitrarily choose a cloud provider on the basis of cost alone and upload that data onto their servers without identifying where those servers are located, I can immediately be in breach of data protection legislation."
This would also make it harder for ethical hackers to test data security. That said, if anyone can find a way to make it work, it's likely to be Wood.
An old head for modern times
At 58, he has spent a lifetime tinkering with computers. It is a career that found him, not the other way around. He was never an illegal hacker. He never formally studied it. His interest and abilities evolved along with computers themselves.
"I was always interested in technology, even as a small boy," he said. "I was the kind of kid who pulled something apart to find out how it worked."
A good student, Wood's world was rocked at the age of nine when his father committed suicide. He was still top of the class at his Sussex school at age 11, but by 16 he railed against authority and dropped out. Today, his long grey ponytail betrays his past as a slightly wild child of the 60s.
It's like being the combination of Sherlock Holmes and a naughty schoolboy
His first job was with a hardware firm in Horsham, working on systems for BBC radio and television. He studied electronics. He came across his first computer in 1970 working for a company called Computing Techniques, testing industrial control analogue-digital hybrid computers.
"That suited my personality enormously well because I've always preferred trying to break things to trying to make things," he said.
Over the years he worked with computers and systems for various companies even spending some of the mid-70s installing systems behind the Iron Curtain in Poland before opening his own consultancies.
He has seen computing change from a world where data was loaded one byte at a time, by switches, through to the internet age where gigabytes can be sent across the world at the click of a mouse.
Wood said he particularly loved ethical hacking because "it's like being the combination of Sherlock Holmes and a naughty schoolboy".
"You are actually making systems more secure, which in turn makes the average citizens life secure, in the long run," he said.
It's also a growth industry and one Wood encourages young people to consider.
"There's no greater thrill than being with [co-worker] Andy when he gets into a secure data centre just by using his voice, or being with Mike when he gets into the most sensitive data in a worldwide legal firm and gets it within ten minutes," he added.
"It's exciting. It's like a multi-dimensional crossword puzzle."
-
Enterprises face delicate balancing act with data center sustainability goals
News High energy consumption, raw material requirements, and physical space constraints are holding back data center sustainability efforts, according to new research from Seagate.
By Emma Woollacott
-
Cleo attack victim list grows as Hertz confirms customer data stolen
News Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
By Ross Kelly
-
'You need your own bots' to wage war against rogue AI, warns Varonis VP
News Infosec pros are urged to get serious about data access control and automation to thwart AI breaches
By Rene Millman
-
CrowdStrike CEO: Embrace AI or be crushed by cyber crooks
News Exec urges infosec bods to adopt next-gen SIEM driven by AI – or risk being outpaced by criminals
By Rene Millman
-
Microsoft security boss warns AI insecurity 'unprecedented' as tech goes mainstream
News RSA keynote paints a terrifying picture of billion-plus GenAI users facing innovative criminal tactics
By Rene Millman
-
APIcalypse Now: Akamai CSO warns of surging attacks and backdoored open source components
NEWS Apps and APIs bear the brunt as threat actors pivot to living off the land
By Rene Millman
-
AI is changing the game when it comes to cyber security
News With AI becoming more of an everyday reality, innovative strategies are needed to counter increasingly sophisticated threats
By Rene Millman
-
RSAC Chairman urges collaboration to ensure collective defense in security
News Chairman emphasizes the critical need for cooperation among cyber security experts
By Rene Millman
-
IT Pro Live: The future of encryption
Video AI and quantum ccomputing could be about to change the face of security forever
By IT Pro
-
Mobile apps now most common method of fraud
News RSA Security report highlights the rise in burner devices and rogue apps
By Bobby Hellard