You must log in or register to comment.
I’m guessing the ransomware gangs would be giving better payments than regular companies asking for pen-testing.
But with this, comes other concerns:
- Will the pen-tester be enticed to use the “authorised hacking” as an opportunity to install a backdoor of their own or do they maintain strict borders between both jobs?
- I’m thinking, not so much, as, if they’re already doing something illegal, they might as well just go the extra mile.
- At the same time, pen-testers working for one company might also be used for industrial espionage efforts, by competitors
- Will the pen-tester be enticed to use the “authorised hacking” as an opportunity to install a backdoor of their own or do they maintain strict borders between both jobs?
Wait, they weren’t already? I guess I already assumed that many (most?) black hats were white hats in the daytime. You gotta get that knowledge from somewhere…