Vigilantes testing security of i.T. systems

Published: 4:03 AM, September 29, 2014
(Page 1 of 2) - NEXT PAGE | SINGLE PAGE

Call them cybersecurity vigilantes if you will, or “white hats” — as they are known in the hacking world.

Mr Wang Jing and Mr Zhao Hainan are part of a growing group of individuals who are taking it upon themselves to test the security of information systems in organisations and report security flaws.

Earlier this month, Mr Zhao, 26, a National University of Singapore computer science postgraduate student, managed to hack into M1’s pre-order site for the iPhone 6 and 6 Plus to access personal data, including phone and NRIC numbers, as well as home addresses of the telco’s customers. He then alerted the company.

M1, which temporarily suspended all pre-orders to carry out an investigation, said it appreciated the fact that Mr Zhao, who was not identified in previous media reports, had taken the time to inform the firm about the potential security flaw and would not be taking any action against him.

Speaking to TODAY, Mr Zhao, a Singapore permanent resident, said his interest in hacking began after he had taken a module on website security. He added that he makes sure he does not break any laws and would report any vulnerabilities he discovered to website owners.

“I want to make the Internet a safer place. So, over the years, I will try to hack (into) a website when I feel interested in (it) ... I also do it out of curiosity,” he said.

For Mr Wang, who is pursuing a PhD in mathematics at Nanyang Technological University’s School of Physical and Mathematical Sciences, testing websites for vulnerabilities is a hobby he started early this year.

After reading up on computer security, he tested some well-known social networking sites, as well as websites of banks here and other popular Singapore-based sites.

“I believe making the Web more secure is beneficial to users ... I am happy to do something that is useful,” said Mr Wang, who is in his 20s.

Apart from individuals, there are also groups of cybersecurity watchdogs, including the 400-member Singapore Security Meetup Group.

(Page 1 of 2) - NEXT PAGE | SINGLE PAGE


  • 1
  • 2