Aviram Jenik makes money by hacking into people’s computers. It is his job.
Mr Jenik’s business, Beyond Security, is a computer security testing firm that identifies weaknesses or, as Mr Jenik puts it, “bad things”, that can make company computers vulnerable to hackers.
His clients include Mastercard, Visa, the Ministry of Defence, KPMG and Microsoft.
According to Mr Jenik, around 30 new weaknesses are found in computer systems every week. These can cost companies millions of pounds. And such attacks are becoming increasingly prevalent in the present economic climate.
“Criminals have figured out that the internet is a good way to operate as it is harder to get caught,” says US-based Mr Jenik, 35. “Besides, the internet is booming. There are so many e-commerce websites around. Anyone can open a shop online today. The internet has become a way of life.”
The recession is proving to be a particularly busy time for Mr Jenik’s firm, which recently produced its best set of results. Figures for the last quarter of 2008 were up almost 100 per cent on the previous year.
“Many attacks are random — carried out by people with too much time on their hands. In Eastern Europe, for instance, there are a lot of very smart young people, who are unemployed and want to test their hacking skills and so they will randomly break into computers. But when there is a downturn there is more internet-based crime. More people are unemployed and are desperate to make money at all costs. They have more time to do so. There is also a lot of internal crime by employees who know they are going to be laid off. Before they are, they will steal the company’s secrets and send them out. All these things happen more and more when the economy is slow.”
A recent survey by Infosecurity Europe found that more than one third of office workers in London’s financial district would download and steal sensitive company information if the price was right. The types of information that the workers had access to included customer data bases, business plans, accounting systems, human resources data bases, and IT admin passwords. Two thirds of employees think it is easy to sneak information out of their organisation
And there is more good news for Mr Jenik, who co-founded the company in 1999. There has been a significant increased in “organised crimes”, such as online credit card fraud and breaking into servers to steal company information, which is then sold on to rival companies. “This is happening more and more,” says Mr Jenik. As a result, companies are employing his service as a method of damage limitation in the downturn.
“Credit card companies lose billions of dollars a year on internet credit card theft.” He says he can save credit card firms around $50 million a year in losses by reducing the number of successful attacks. “Many firms will hire people to do security testing for them. I don’t think this is the right approach. We have a machine which does it automatically. So, instead of paying someone $100 an hour, they can buy a machine from us costing a fraction of that. The costs saving are incredible.
“And just by displaying a credible security seal to act as a deterrent, a company can increase its revenue by 10 per cent. These days, that can be the difference between keeping a shop open and having to close it,” says Mr Jenik, who has more than 17 years of experience in the computer security field.
He says: “Hacking into computers was my hobby when I was in sixth grade, aged 12. I love hacking and thinking like a hacker. I love computer security. To be doing it as a job is pretty incredible.”
Prior to establishing Beyond Security, Mr Jenik ran several successful technology start-ups, including software company Gteko, which was sold to Microsoft for a reported $110 million in 2006. Today, Beyond Security -— headquartered in the US with an R&D centre in Netanya, Israel — has more than 2,000 customers. It has been boosted by the launch of its SecuriTeam portal, an online community of 1.5 million people from hackers to security experts, who contribute content. It is considered one of the leading security web sites on the internet, receiving more than two million page views a month.
Beyond Security records several dozens of attacks each month. But this is just a small proportion of the problem. He says: “For every attack that we find out about, there will be around fifty others. Companies that have websites which are broken in to are not going to want to broadcast it.”