As businesses rush to deploy emerging technology to stay ahead of the competition, they’re also putting themselves in the line of fire of various cybercriminals looking to deploy malware. Ethical hackers, however, are taking the shots, as every day they help more and more businesses stay safe and secure.
This is according to a new report from HackerOne, a hacking program that rewards ethical hackers for discovering and responsibly disclosing major vulnerabilities. According to the new report, the ethical hacker community just surpassed $300 million in total all-time rewards on the platform.
Of that number, 30 hackers earned more than a million dollars. One hacker earned more than four million.
Big payouts
Perhaps unsurprisingly, the highlight of this year’s 2023 Hacker-Powered Security Report is Generative AI. It was said that more than half (55%) of hackers plan for the tool to become a top target in the coming years. Almost two-thirds (61%) will use and develop hacking tools from Generative AI to find more vulnerabilities, and another 62% plan to specialize in the OWASP Top 10 for Large Language Models.
GenAI will also be used to write better reports (66%) and better code (53%), as well as to beat language barriers (33%).
One of the reasons for the rising popularity of ethical hackers is the lack of in-house expertise and talent. In fact, 70% of customers said hacker efforts helped them avoid a significant cyber-incident. Furthermore, 75% of HackerOne customers believe exploited vulnerabilities are their number one threat, surpassing phishing (22%), insider threats (12%), and state-sponsored threat actors (10%).
The biggest rewards are coming from crypto and blockchain firms. They are offering the highest average overall rewards, and have handed out this year’s top payout of $100,050, the report states. Also, besides hunting for bugs, hackers are also engaged in pentesting (54%).
“Organizations are under pressure to adopt GenAI to stay ahead of competitors, which, in turn, is transforming the threat landscape. If you want to remain proactive about new threats, you need to learn from the experts in the trenches: hackers,” said Chris Evans, HackerOne CISO and Chief Hacking Officer.
“The Hacker-Powered Security Report makes clear that hackers are actively growing their skillsets to meet emerging threats. The versatility of hackers and the impact of the vulnerabilities they surface make them instrumental to how our customers anticipate and address risk.”