They are called ethical hackers or white hats. They prowl the world wide web looking for loopholes in IT systems. They are the good guys, looking for the bad guys who may get to your data and exploit it.
Now as the pandemic forces a range of businesses online, particularly financial transactions and payments, it may be boom time for hackers and ethical hackers alike.
30-year old Rajshekhar Rajaharia is an ethical hacker. He doesn’t like calling himself that though. “Too many people who don’t know what hacking is call themselves ethical hackers these days,” he said. “A security researcher is a better name for someone like me.”
Rajaharia, who has been doing this since 2008 when he was in class 12, is in the limelight for flagging off the latest instance of credit card data breach that India has seen.
On Jan. 2, he found out that about 10 crore card details were available on the dark web, a term used to describe forums frequented by cyber criminals. The details were leaked from the servers of Juspay, a company that processes payments from Amazon, Flipkart, Swiggy, MakeMyTrip, Airtel, among other big brands.
Rajaharia went public with the breach a few days before the company acknowledged it. This wasn’t the first time he brought data breaches to light. In 2019, he disclosed that a breach at Just Dial led to details of nearly 10 crore cards finding their way onto the internet. And, way back in 2008, when he started out with a small assignment with the Rajasthan police, he helped them track down internet address of local fraudsters.
“On forums hosted on the dark web, you will often find advertisements by hackers about something that they have stolen from a server. Depending on the quality of data and the amount of work involved, the hackers will put a price on the data dump, while also offering a sample to check whether it is genuine,” Rajaharia said while explaining how he and other ethical hackers chance upon a data breach.