Tech wizards from India are earning millionsย byย discovering security errors in Facebook and Google
You will be surprised to know that ethical hackers from small towns in India are protecting you from getting hacked by finding bugs in big tech websites like Google and Facebook. These unknown heroes are only known in the hacking circles but due to their bug discoveries you may have been safeguarded against a hack attack. Read about some of these bug finders in this article.
Brought up in a small town of Bhadra in western India, nobody expected that one day Anand Prakash would become a multimillionaire.
As a kid, Prakash chose to spend his free time playing computer games in cybercafes rather than playing cricket outdoors with the other boys his age.
While he has was still struggling to find a job at college that is when Prakash chanced upon Facebookโs bug bounty programme that rewards โwhitehatโ hackers, who test the website for bugs and help protect usersโ data.
By testing websites like Facebook and Google for bugs, he has now earned more than 10 million Indian rupees (ยฃ112,000) by keeping millions of peoplesโ personal data secure in the process.
Prakash, a self-taught computer whizz who learned about hacking by reading blogs and watching Youtube videos found his first bug easily. It allowed people to be discovered online after they had turned off their Facebook messenger service. He was paid 33,000 by Facebook for this discovery.
Prakash has since then reported more than 90 bugs to Facebook alone, and many more to companies including Google, Twitter, Adobe, eBay, Dropbox, Paypal and others.
Facebook paid him another 1 million rupees for finding one bug that allowed hackers to access any of the social networking giantโs 1.6 billion usersโ information, which included messages, personal photos, debit and credit card information.
Although Prakashโs findings have made him a rupee millionaire, he says he has never done it for the money. โIโm interested in companies like Facebook and Google because those companies have the most data on individual users in the world.
โI do this work to protect data. If it were just for money Iโd do it for companies with fewer users. Iโm concerned about user privacy and I am a user myself. I care about keeping data safe.โ
Bug bounty hunting is an emerging sport in developing countries like India. In 2015, Facebook received 13,233 submissions from 5,543 hackers from around the world, mainly from small towns in developing countries.
India, Egypt and Trinidad and Tobago, in that order submitted the most reports and the company says the quality of the information hackers provide gets more sophisticated every year.
A whitehat hacker from the small town of Gurdaspur in north India, Rahul Tyagi says many of his friends earn a decent living simply by hunting for bugs on websites such as Twitter and Facebook.
โThey earn around 1-1.5 lakh rupees (ยฃ1000-1500) a month without leaving their bedrooms.โ
To get a job in an expanding population of 1.25billion in India can be tough. Bounty-hunting schemes offer an easy way for young Internet enthusiasts to make a living.
Providing an explanation for the countryโs large percentage of whitehat hackers, Tyagi says, โPeople are just sitting at home with nothing to do. They canโt get a job, so they learn this.โ
Although Tyagiโs own motivations for hacking is little different. โItโs about getting an appreciation from the giants of the world,โ he says. โHacking requires a curious and creative mind. And you have to keep learning every day, because the technology is changing so quickly.โ
Like many other big names on the Indian hacking scene, Tyagi comes from a modest background. โI was the first in my town to get a computer. I started on Windows 98.โ
When he was a teenager, his knowledge of computers got him the reputation of a local techie.
โPeople used to invite me to their homes to install Windows XP. Theyโd give me food and sweets in exchange,โ he says. โFor them it was a big thing โ that I knew so much about computers.โ
Trying to get a game for PlayStation 1 to work on his computer, his first experiments with computer security was when he was just a child. โI was the only kid in the whole of Punjab who could do that at the time,โ he says. โMy first hacks were experimental. Curiosity kept me going.โ
In the last few decades, Indian entrepreneurs and immigrants have been forerunners in the tech sector. However, no one saw Indiaโs tech boom coming, as the country has a low computer literacy rate of less than 7%. Also, the countryโs telecommunications infrastructure was weak and underdeveloped until recently.
Academics have quoted one explanation for Indiaโs success in the IT sector, which is the governmentโs non-interventionist approach. Former IT minister Pramod Mahajan once said that โIT and beauty contests are the two areas the government has stayed out of.โ
With some assistance from the government, Indiaโs cyber security sector could grow even faster argues Prakash.
โThe Indian government hasnโt understood how big our potential is when it comes to hacking. The most talented hackers are Indian, the highest number of bugs are reported from here. We need to cultivate that talent.โ
Started as an ethical hacker, Trishneet Arora, a 22-year old hacker from the city of Ludhiana in northern India has made a successful cyber security business with his skills.
โImagine having the power to hack into someoneโs bank account and steal a million dollars,โ he says. โAnd imagine saying no.โ
Arora believes that the next world war will be won online, and Indiaโs cyber security experts will have an important role to play.
He clarifies that hackers like him are finding new ways to keep patients safe, as hospital software is a particular vulnerability.
โIn the ICU the technology [one hospital] was using was a cloud-based machine,โ he explains. โI hacked it, I found vulnerability and I shut it down. The person on the operating table could have been killed, and youโd never be able to trace the killer.
โThatโs the future of cyber attacks. Theyโll breach our security, weโll breach theirs,โ he says. โGetting access to confidential information can destroy people’sโ lives.โ
Source: The Guardian
