Bosses at UK infosec biz Quadsys confess to hacking rival reseller Five men working at UK-based IT security reseller Quadsys confessed today to hacking into a rival's database. Owner Paul Streeter, managing director Paul Cox, director Alistair Barnard, account manager Steve Davies and security consultant Jon Townsend appeared before the beak at Oxford Crown Court. All five pleaded guilty to …
break into systems >> get caught >> become an Information Security Consultant >> Look for customers >> break into systems to find them.
In the US last year we had the owner of a security company running two websites. One allowing criminals to offer their services with the website verifying completion and then paying the criminal from an escrow fund. The other was one that offered a similar thing but in reverse, hiring freelance security people to clean up after break ins and compromises.
He was a Certified Ethical Hacker and when exposed he simply changed his business plan to not allow illegal activity.
http://www.nytimes.com/2015/05/13/business/dealbook/owner-of-anonymous-hackers-for-hire-site-steps-forward.html
If crime increased with the number of police departments added I think we might start to wonder if the cops were crooks.
In theory Certified Ethical Hacker and similar qualifications (CISSP etc) come with a code of conduct, and breaking the code results in automatic loss of the qualification. It's questionable how or if this is tracked by the certifying body, and what steps they would take against someone who has "lost" the certification but continues to claim it on the web or Linkedin.
It depends on what the certification is. Certification in the UK from one of the CESG approved CBs is very definitely lost if the certified person breaches the code of conduct. Anyone falsely claiming to be certified when they are not receives an invitation to a meeting without coffee. I'm not aware of anyone brazen enough to claim that they have certification that they do not after that experience. There is also a privately run organisation (TSAR) that checks the certification status of consultants and confirms their status to client organisations.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
