Ethical hackers – sometimes called White Hats – work the same way as their Black Hat counterparts except when they exploit computer system vulnerabilities they do it to help organizations better protect themselves.
Black Hats exploit vulnerabilities for personal financial gain or to build up their own reputation inside the Dark Web community.
One of the more noted ethical hackers is Marc Weintraub and he still needs to keep a low profile. That’s why EChannelNews is not showing his photo. Weintraub’s job is considered hacking because he tries to penetrate or shut down computer systems. And, most of the time Weintraub is successful.
But recently, Weintraub met his match with Barrier1, an integrated cyber security vendor based in Minnesota. Barrier1 was selected to be a member of the Operation Center COM-L team for Super Bowl 50 and provides a solution that marries Intelligent Threat Management with Automated Threat Management.
During the EChannelNews podcast hosted by Julian Lee, Jim Libersky, the president of Barrier1 said his company was founded by GE executives who understood the cyber-attack landscape was changing. “Hackers were now operating and mutating at increased speeds and this became polymorphic. The company saw some basic attributes and it became the basis of the Intelligent Threat Management solution,” he said.
Today, this solution includes new artificial intelligence, deep learning and neural network technology for blocking threats.
For Weintraub he was tasked to break into the Barrier1 system.
The company made a make-shift lab that was similar to a full network with edge routers. Weintraub quickly determined, through a scan, many open ports where he could infiltrate the system.
As he went to click to gain access to one of these ports suddenly it was all gone. Undeterred, Weintraub tried again – this time from a different location – and he got the same result. He made a third attempt from inside a hospital only to see the same result.
Weintraub’s three attempts were all synchronized as he hoped it would confuse the Barrier1 system, but there was no such luck.
Confused Weintraub contacted Barrier1 to make sure if the company network was up because he could not see it anymore. He was assured the network was up and running just fine.
Weintraub told the EChannelNews podcast that he’s been in the industry since 1983 testing Novel networks. He discovered there could be a business hacking into organizations from an ethical standpoint. From there he has amassed an impressive list of clients such as American Express, Bloomberg and Merrill Lynch.
“Seeing this for the first time it was staggering. My IP address was blocked in 0.000018 seconds. I’ve never seen anything like that in my wildest dreams,” he said.
Weintraub’s test was essentially trying to spoof the Barrier1 system. He said he was blocked because the UDP port reported zero traffic and it made it seem he existed since he created a mask address with undefined code. But Barrier1 found him out and immediately stopped him.
“I was just sitting there amazed,” he added. “I usually see open ports that I can explore with the tools I use and most are open ports without vulnerability patches. So, I can just go in. In this case, the vulnerability tool I use was rendered useless.”