Computer whiz kids are on the front lines against cyberattacks - Omaha.com
Published Sunday, May 5, 2013 at 1:00 am / Updated at 2:27 pm
‘white hat’ hackers
Computer whiz kids are on the front lines against cyberattacks

He’s 26, likes industrial and electronic music, has a bleached-blond mohawk haircut and sometimes, Mikhail Davidov said, he starts his day “at the crack of noon.”

The late hours are in front of a computer, working on reverse engineering, tearing apart computer programs to find their vulnerabilities.

Sometimes he works 18 hours straight. “There are few hackers out there who are ‘morning people,’” Davidov said.

These days, the front lines for security don’t only include soldiers carrying weapons.

They include computer whiz kids like Davidov, who works for the Leviathan Security Group, a 20-person firm that operates out of second-floor offices in a renovated 1918 building in Seattle.

Chad Thunberg, chief operating officer of Leviathan, said he can relate to Davidov, remembering his own younger days.

Thunberg, who is 35 and married with two children, said, “I’m considered a grandpa in my industry. There was a time when I was the Mikhail equivalent. You live and breathe security.”

Cyberattacks are costing corporations — and consumers — a lot. In a six-year span starting in 2005, data breaches in 33 countries, including the U.S., cost the firms involved more than $156 billion, according to the nonprofit Digital Forensics Association.

Every second, in various parts of the world, there are 18 cybercrime victims — some 1.6 million a day — according to a 2012 Norton by Symantec study.

The Wenatchee World newspaper reported last month that a Leavenworth, Wash., hospital said hackers stole more than $1 million from the hospital’s electronic bank account. The Chelan County, Wash., treasurer said it had been able to retrieve about $133,000 by notifying recipient bank accounts.

And the Associated Press reported that LivingSocial, an online deals site, said recently that its website was hacked and the personal data of more than 50 million customers may have been affected — names, email addresses, date of birth of some users and encrypted passwords.

Then there are the Chinese hackers, who blasted into the news in February when Mandiant, an Internet security firm, released a report saying that a group linked to the People’s Liberation Army had systemically stolen confidential data from at least 141 American firms.

That makes Internet security a booming industry, at an estimated nearly $1 billion a year in 2012, according to the consulting firm Frost & Sullivan.

Another “white hat” hacker is Adam Cecchetti, 31, who used to work at Leviathan and then in 2010 became one of the founders of Deja vu Security in Seattle.

Davidov and Cecchetti are on the front lines of fighting off the “black hat” hackers. Yes, that is how they describe their enemy.

The latter includes those sending out phishing emails that look like they came from a legitimate source but are fakes trying to get your passwords and credit card information.

Or maybe they are black hats trying to compromise a company’s website just so they can boast about it in hacker circles.

For the white hats, their unique skill at finding where a program is vulnerable and how to close the digital doors that the black hats use to penetrate a website is worth $120,000 to $130,000 a year, Thunberg said.

“Companies are being attacked by bad people, and if they want to defend themselves, they have to attract these scarce people,” he said. “There are maybe 1,000 individuals of this nature in the world. They have this unique hacker mindset.”

Their clients aren’t keen to publicize that they seek Internet security, said Thunberg, and that’s often written into their contracts with Leviathan. Thunberg said his company’s average contract size is for around $70,000. Citing privacy, he said only that most are Fortune 1000 companies.

But one client that didn’t mind talking is a Washington, D.C.-based company called Silent Circle. For $20 a month, it offers a service that encrypts voice, text and video on a user’s smartphone, tablet or computer.

Their customers, said Jon Callas, Silent Circle’s chief technical officer, include U.S. businesses “doing work in China and Eastern Europe and other places where they don’t want their phone calls tapped.”

His company, Callas said, hired Leviathan to evaluate the encrypting software for vulnerabilities and fix them. “They helped us find problems before anybody else did,” he said.

At Deja vu Security, Cecchetti said, work that they’ve done includes posing as new employees at a financial institution, given the standard access to computers.

But, Cecchetti said, “within a couple of weeks, we had basically control of the entire organization and could access pretty much anything we wanted.” Deja vu put together “a very large report” on how to fix things, he said.

Cecchetti now is one of those who hires, and said that when interviewing applicants, he wants to know, “Can they see things from the perspective of a hacker, gleeful to see how things are made? They need to want to peel away the layers. What happens if I make a very small change in the system?”

If you can do that, you can come to the office in any hairstyle you want.

“It’s usually a little bit of a shock,” Davidov said about how some clients react to his mohawk.

“But once they start seeing the output of the work we do, they find it almost endearing.”

Vets can compete for start-up cash
Cab ride to airport (or anywhere in Omaha) could soon cost more
Coming to Omaha: fun-focused sports league where every kids gets a trophy, parents promise to keep cool
Beals: Boy offers lessons of service, simplicity
Recalled frozen pasta product has tie to Omaha
Business digest: Lululemon shareholder suit dismissed
Suit challenges a Hollywood pillar: unpaid internships
Nonparents’ resentment grows over impact of companies’ family-friendly focus
Jeff Raikes’ next goal: making philanthropy effective
Restaurants invite customers to dine with their dogs
March unemployment rates up slightly in Nebraska, Iowa
Iowa officials announce plan for Microsoft data center
Lincoln pharmaceutical company wins funding, grant
Fortress Wealth joins Securities America network
USDA orders farms to report pig virus infections
Airbnb event seeks Omaha-area hosts for Berkshire weekend, CWS
Developer wants to transform old Millard Lumber site with housing, commercial buildings
Dip in Nebraska economic index doesn’t reflect outlook
Post Holdings buys Michael Foods
Business digest: Target expands subscription service, adds discount
Rural Mainstreet Index finds slow growth
Earnings roundup: Chipotle says it won’t scare off customers with higher prices
BNSF to add trains to handle fertilizer
Walmart touts lower money transfer fees
In brief: Judge doesn’t make GM take cars off road
Deadline Deal thumbnail
The Jaipur in Rockbrook Village
Half Off Fine Indian Cuisine & Drinks! $15 for Dinner, or $7 for Lunch
Buy Now
< >
SPOTLIGHT »
Inside Business
To submit an announcement for "Inside Business", click here. For questions call (402) 444-1371 or e-mail announcements@owh.com.
WORLD-HERALD ALERTS »
Want to get World-Herald stories sent directly to your home or work computer? Sign up for Omaha.com's News Alerts and you will receive e-mails with the day's top stories.
Can't find what you need? Click here for site map »