Nova Scotia

Cybersecurity expert Keren Elazari lauds 'good hackers' at Halifax conference

Sometimes the work hackers do is the only reason companies know about issues with their technology. Many industries, including medical device manufacturers, the auto industry and the online world, depend on hackers to uncover problems.

Some companies have adopted 'bug bounties' to reward hackers

Keren Elazari, who studies cyber-conflict and politics at Tel Aviv University, was the opening keynote speaker at the Atlantic Security Conference in Halifax on Thursday. (www.k3r3n3.com)

Not all hackers are bad guys and, in fact, the outlaws of the technology world are a huge help when it comes to fixing problems, a cybersecurity expert says.

"There are actually a lot of good hackers out there that are revealing vulnerabilities and bugs in technology that we all rely on," Keren Elazari told CBC's Mainstreet.

Elazari, who studies cyber-conflict and politics at Tel Aviv University, was the opening keynote speaker at the Atlantic Security Conference in Halifax on Thursday.

Sometimes the work hackers do is the only reason companies know about issues with their technologies, she said.

There are examples in many industries, including medical device manufacturers, the auto industry and the online world. Even companies as big as Google pay hackers a "bug bounty" for the weaknesses they find, said Elazari.

Bug bounties

Electric vehicle innovator Tesla recently started working with hackers to find potentially "life-threatening" security issues in their cars. Western Union has a bug bounty program in place, she said.

And it's not just about finding problems in technology.

During the Arab Spring, some governments tried to shut down protests by turning off the internet in their countries. 

It was only thanks to the work of a group of hackers in France and Canada — called Telecomix — that protesters got back online, after Telecomix created an alternative internet connection for them to use, Elazari said.

Her personal inspiration to consider hackers as heroes stemmed from an unlikely source: Angelina Jolie. 

It was the Hollywood movie Hackers, featuring Jolie portraying protagonist hacker Acid Burn, that sparked her interest when she saw it as a teenager.

"When I saw that film, I immediately recognized … this is something that I would like to do and it is possible to be a hacker hero as it were," she said.

Source of pride

Less progressive companies in the tech industry are waking up to the fact it makes sense to offer incentives, Elazari said.

"A lot of companies are still kind of reluctant to open their doors to hackers.… That's something I'm trying to change."

Fraudsters are gaining access to the email accounts of supervisors and targeting employees who have the authority to access and move money, RCMP say.
Hackers provide a useful service to many technology and manufacturing companies, finding and fixing problems, says Karen Elazari. (iStock)

More conservative companies or companies with a conservative culture may take some time to get on board, she said.

One example of a company that took some time to get behind utilizing hackers was Toyota. When hackers and security researchers found issues in the company's hybrid vehicles, it took them a long time to accept it.

Now Toyota runs a hackathon where they actively invite hackers to work on their cars and technologies, she said.

For Elazari and many security researchers the term is a "source of pride."

"You'd be amazed at how friendly, collaborative and community oriented a lot of hackers I know are," she said.

"Not all of us are bad guys — I promise."