In times when phishing is sweeping across the globe and cyberwarfare is all over the news, the word 'hacking' has a decidedly negative connotation. But it doesn't always have to be that way. Intigriti proves this. The online platform works with 'positive hackers' who only have our best interests at heart. Referred to as 'researchers', they try to find out how companies are vulnerable to cyber-attacks and whether they are sufficiently protected.
The Belgian organisation Intigriti profiles itself as a 'bug bounty platform'. Via this platform, organisations can check the security of their websites and apps. A team of 50,000 'ethical hackers' or researchers who have joined the online platform, track down the vulnerable spots in the security of said websites or apps. Intigriti relies on the power of numbers. After all, 50,000 ethical hackers see more than the ICT team of the average company. If they find a vulnerable spot in the company's security, a bug or other error in an application, the client rewards them with a bounty. The company then has the hole in its security closed.
"Companies - but also citizens - are still too little aware of cybercrime and the risks associated with it."
Niels Hofmans, Head of Security with Intigriti
Organisations that contract Intigriti do so because they are aware of the possible security risks they run. But not all companies have reached this point yet. "Companies that have the financial resources to recruit security profiles are usually ahead of the game. The same applies to organisations that are strong in ICT and are modernising their infrastructure." Unfortunately, the rest of the business world is lagging behind. "Those organisations still have a lot of catching up to do. Fortunately, awareness is growing." says Niels Hofmans, Head of Security at Intrigriti.
Cyberwarfare
The growth of awareness is partly due to the increasing media attention for cybercrime. "There are groups active with strong - suspected - links to state actors. I'm not just thinking of Russia. A few years ago, for example, a British intelligence service penetrated Proximus. You also have strong criminal organisations that try to hack into the container terminals in the major ports, for example." But likewise there are also small gangs, or even just groups of teenagers, who engage in hacking as a hobby. Very often it is hard to find out who was responsible for an attack. After all, cybercrime is very accessible. "With a laptop and a web browser you can already inflict harm on someone," says Niels Hofmans.
In the context of a war - as is currently the case with the conflict in Ukraine - the importance of the digital war machine is increasing. "We see this, among other things, in the disinformation campaigns that pop up online," Niels Hofmans continues. "This is not new, as we also saw these campaigns around the election of Donald Trump and in the run-up to Brexit. "Specifically in the conflict between Russia and Ukraine, we see that cyber warfare is an important part of it, both in the 'official' and 'unofficial' war. "Hackers attempt, for example, to disable the opponent's communications just before a physical attack. But there is also active espionage and hacking, for example by releasing malware on the systems of border posts so that people have a harder time fleeing the country."
"In cyberwar, it's not just about disabling or damaging critical infrastructure, but also spreading disinformation."
Critical infrastructure
The cyber part of conflicts and wars gaining in importance may also be deduced from Defence Minister Dedonder's plans to reinforce the Belgian army with cyber soldiers by 2025. "Hacking governments, utilities, banks and other organisations is now inherent in modern warfare," says Niels Hofmans. "Critical infrastructure is not spared in the process." But ethical hackers can play a role there too, for example by checking the security of nuclear power stations, telecom providers, water companies and other critical infrastructure.
At the same time, there may be a more subtle cyber threat. The finger is often pointed at China, which supplies technology on a massive scale, including in our country. "We cannot deny that there is political interference by the Chinese government in Chinese companies," says Niels Hofmans. "The government can request the personal data of users of technology arbitrarily. But that is just as true for American companies. It is a risk that we apparently accept, as users of Chinese and American technology. Using a Chinese smartphone is not so dangerous in itself. But using Chinese technology in our army? Surely that's something to think about thoroughly."
Dries Van Damme has more than twenty years of experience as an ICT journalist. He has published in (amongst others) Data News and is the manager of the media office Bureau 44.
Read more on cyberwar
-
Interview
Is Belgium ready for an attack with military cyber weapons?
War takes place not only on the battlefield, but also in cyberspace. The CCB is keeping a watchful eye on the situation in Belgium. -
Interview
What happens if a cyberwar breaks out?
Kristof Tuyteleers, CISO of DNS Belgium, explains what the possible consequences of cyberwar are and how citizens or companies can protect themselves. -
Interview
Cyberwarfare Convention
Adopted at a time when wars were 'traditional', do the Geneva Conventions need to be adapted to the new reality of cyberwarfare? -
Interview
Cooperation public and private sectors is essential
Europe, and Belgium in particular, are investing significant human, technological and financial resources to deploy their cyber security 2.0 strategy. -
What is the state of cybersecurity in Belgium and the world?
This infographic explains what the state of cybersecurity in Belgium and the world is.