We’re focused on…
Ethical hackers who start their careers when they’re very young.
Why?
Because we interviewed Rohit Kumar (Product Security Engineer at Groww), and he told us about his earliest beginnings in the field of cybersecurity – while he was just a teenager.
“In April 2016, I was 14 and freelancing to earn some money. I found a website called HackerOne and thought it was a job site, like for companies. I made my own social media website in 10th grade and thought the ‘researcher’ signup was for super smart people.”
So Kumar launched a bug bounty program on HackerOne to test his website’s security: “…but I didn’t understand what it meant. I invited lots of talented people, some even famous now, to find weaknesses.”
“They found them fast – over 30 in five minutes! But I couldn’t pay them because I was just a kid. This made them upset, and some even talked about it online. I’m really sorry for that.”
For Kumar, this mistake changed everything. Witnessing hackers break into his site so easily woke him up to the critical importance of security – and “I learned about this cool world of ethical hacking and all the amazing people in it. Even though it wasn’t planned, that day started my journey into cybersecurity.”
Kumar’s experience got us thinking…
Many ethical hackers started down this path at a young age.
For example…
18-year-old Australian Jackson Henry has been in the news lately. At the age of 15, he helped uncover a security misconfiguration for the United Nations which could have exposed 10,000 sensitive data records – and now he works full-time as an ethical hacker.
American Kristoffer Wilhelm von Hassel became the world’s youngest hacker at the age of five (yes, 5!) when he exposed vulnerabilities in Microsoft Live Xbox. Now ten years later, he’s listed as a security researcher by Microsoft.
Hacker CyFi was featured by Wired at the age of 13, because four years earlier, she had co-founded (and continued to run) R00tz Asylum, the children’s version of DefCon. She got into hacking when she discovered a zero-day in a popular mobile game.
At the age of 17, Jack Cable found 30 vulnerabilities in US Air Force websites. And he discovered a critical vulnerability in the Department of Defence’s secure filing system.
Why do hackers start young?
There’s a dark side to hackers who start when they’re just children. Criminal groups are known to target young people in digital spaces, particularly gaming, and coerce them into carrying out attacks.
But those who have the knowledge and support, or who just happen to discover the right vulnerability at the right time, often go on to build successful careers in ethical hacking.
One 2023 study examined the lives of 15 hackers who started ethical hacking before they turned 18 – and found that they shared an early interest in information and communication tech; a sense of motivation to make systems more secure; and a feeling that reporting vulnerabilities was a moral duty.
Beyond that, social aspects (particularly role models in hacker communities, and the support of parents and peers) helped to drive that motivation and encourage the young hackers to pursue ethical hacking as a job.
Does this mean starting as an adult puts you at a disadvantage?
No, not necessarily.
Young hackers bring immense enthusiasm and fresh minds to the space – and they have the potential to shake up the cybersecurity sector because they’re unmuddled by the pressures that adults face. They look at problems with curiosity, and they’re more likely to try to solve those problems in new, creative ways.
But starting later brings different advantages. You bring more varied life experiences and an understanding of the world of work and business that can help you provide hacking services that your clients really value. And there’s a good chance you’ve honed your communication skills, too – which is essential for ethical hackers who need to help clients understand what they’ve found, and why it matters.
In short, we need hackers who start at all stages of life. Everyone brings something different to the field – and it’s all valuable.
🔗 Read our interview with Rohit Kumar: How one mistake can launch a career
P.S. - Mark your calendars for the return of Black Hat MEA in November 2024. Want to be a part of the action? Register now!