Genasys Technologies’ COO, Carl Mönnig and his teammate, Bartho Saaiman, recently became the first two South Africans to achieve the “Elite Hacker” rank on Hack-The-Box, a free online platform to learn and practice cyber security skills.
Facebook is settling a £4 billion fine with the US FTC after failing to protect their customers’ data. Louisiana declared a state of emergency after whole school districts were frozen by ransomware. The UK ICO recently noted intention to issue fines totalling over £275 million to British Airways and Marriot International. Cybercrime is increasingly attractive to criminals as digital technologies become even more pervasive. Companies now face fines, extortion, business disruption and long-term reputation damage. Technology implementations are complex, projects are often rushed, and the hackers only need one mistake to get a foothold. The demand for scarce information security skills is spiking, and all signs indicate that this trend will continue for many years to come.
Hack-The-Box has over 177,000 members from all countries, competing against each other and sharing knowledge. Skill levels range from top security researchers and penetration testers to hobbyists and high school students. The “Elite Hacker” rank is awarded to members who complete more than 70% of the platform’s active challenges. New challenges are added, and old ones are deactivated weekly which creates a time limit. Most challenges involve breaking in to lab environments by leveraging real-world security exploits in operating systems and web applications. There are also puzzles involving cryptography, steganography, forensics, reverse engineering, and OSINT. The idea is to have fun while developing strong information security skills.
The platform also ranks countries by the achievements of their member citizens. The top-ranked countries on the (English-language) platform typically have mature, state-backed cyber defence & skills development programmes that have been operational for decades. United States is far ahead of any other nation, and the United Kingdom is second. South Africa is currently ranked 46th. South Africa’s National Cybersecurity Policy Framework (NCPF) was published in 2015, which highlighted the need for cyber defence capacity to protect national interests. In May 2019, Armscor reported their cybersecurity unit was launched and is operational.