HackerOne, a San-Francisco vulnerability coordination and bug bounty platform, revealed that as many as 800 companies have paid out over $15 million in bonuses to “white hat” hackers to test their system security.
The New York Post reports that companies are paying vast amounts of money to have hackers attempt to break into their digital systems. A San-Francisco-based vulnerability coordination and bug bounty platform called HackerOne has revealed that they have as many as 800 corporate customers paying out as much as $15 million in bonuses to hackers since the founding of HackerOne in 2012.
Most of that $15 million has been paid out in the past two years as the corporate world has become more aware of cyber attacks and digital intrusions. HackerOne boasts a wide range of high profile clients such as General Motors, Uber, Twitter, Starbucks, and even the US Department of Defense. The firm’s CEO Marten Mickos states that companies are spending increasingly larger sums of money to have their systems tested by elite hackers in an attempt to stay ahead of the curve.
Mickos states that Google has paid out approximately $3 million through their own hacker bonus program which rewards users that can detect vulnerabilities and loopholes within Google systems or software. Uber has paid HackerOne approximately $860,000 for the use of the company’s hacker platform.
Mickos stated that the ever growing internet connectivity of devices, known as the “internet of things,” has lead to an increase in demand for white hat hackers who can test the vulnerabilities of these internet enabled everyday objects. Mickos referenced the 2015 hack of a Wi-Fi enabled Barbie doll. “It may sound silly, a doll,” he says, “but it’s your child.”
Adam Malone, the director of cyber investigation and breach response at PwC, said, “[Benevolent] hackers are in very high demand.” Malone stated that the demand for the skill sets of these hackers is also greatly expanding resulting in some hackers taking home, “a six-figure range pay up to half a million.”
“I lead a team of guys that go into a company that has been breached,” he explains. “I primarily hire people most experienced in hacking.”