Heard about the Australian kid who got a bite off the Apple? Well, here’s a dose of reality; just a few days back, Australian newspaper, The Age, covered a story about a 16-year-old boy from Melbourne who for the better parts of a year had apparently been strutting his way in and out of the private servers of the world’s first trillion-dollar public company: Apple. Yes, you got that right; Apple!
Now, this is not one of those “kid-caught-with-hands-in-the-cookie-jar” moments; this is much bigger. The teen, whose name is being withheld for legal reasons, is reported to have retrieved over 90 GB of private information over the course a year after he somehow managed to bypass the company’s security protocols; a move that granted him wanton access into the company’s internal file systems and information that is believed to be classified. It appears he did all of it for fun, though, as he is quoted as saying he “dreams of working for Apple as he is a big fan of the company.” Lucky break for Apple as opined in some circles.
Although the activities of this precocious hacker have since been detected by Apple who eventually shut him out before alerting the Federal Bureau of Investigation (FBI), who subsequently signaled the Australian Federal Police (AFP) – a move that resulted in the discovery of materials tying him to the server breach and arraignment before the Children’s Court where he has since pled guilty and is now awaiting sentencing – it really does call for concern. During the hack, the schoolboy is reported to have successfully accessed “authorized keys” that are believed to be “extremely secure.”
Reality Check: How Secure Is “Extremely Secure”? The whole Apple teen hack scenario just begs the big question. If a Fortune-500 technology giant like Apple with all its cutting-edge systems and high-caliber personnel can have a teen sneak in under the radar, breach its defenses, and cart away valuable information right from under its noses, how about a full-blown hack attack on perhaps a government server holding tons of sensitive information? Is it really far-fetched to assert that there might be no such thing as unbreachable and invulnerable? Well, now you get the idea: the web is not the impregnable fortress we thought it to be, we need cybersecurity professionals to keep it secure, and one Egyptian entrepreneur is on a mission to unearth and engage some of the best of them.
Such has been the reach of technology and the internet that both elements virtually now have control over very vital aspects of our daily lives. For enthusiasts, neutrals, and even naysayers alike, the power the web that now wields in almost every facet of life is all-encompassing and undeniable.
It has been something akin to an invasion of our world by otherworldly elements – only that this time, we are not talking aliens, robots, or cyborgs. These days, it is about gadgets, and gizmos, and the intricately-connected nexus which forms the labyrinth of fiber-optic internet cables that drives them. And this time around, it is not really an invasion; it is more like innovation that has unfolded right before our eyes and under our very noses, mostly out of our own creation.
Winners Of The 2018 Egypt National Cybersecurity CTF Competition Organized By CyberTalents
Image Source: Seekurity
The web is now something of a go-to repository for all kinds of information and knowledge. And why wouldn’t it be when its capacity is limitless and its reach boundless?! From classified government records (information that can potentially make or mar the current world order), through sensitive company data, to even information on social media platforms (which a large chunk of the 7 billion people on the planet already have their digital footprints on); the web can be considered to have several terabytes of vital human data locked away in some kind of digital vault – one that is not impregnable.
Yes, that last phrase may come across as eerie and pessimistic but it does hold water to some extent, especially when thought is given to the idea that no man-made system can be classified as utterly infallible. Humans created the web and put in place measures to impart a reasonable degree of security. The keyword here is ‘reasonable degree of security,’ which is a long way off from ‘absolute security.’ And that’s just for starters.
For every data storage system that is regarded as iron-clad unbreachable, there is always a good chance that there is an ingenious hacker somewhere trying to exploit the half-chance that there is a backdoor or trapdoor through which they can gain unrestricted access and wreak various shades of havoc.
Even the much-talked-about decentralized blockchain system which governs bitcoin and other cryptocurrencies, for all its promises of security, impregnability, and immutability, is not without flaws and certainly not immune to the occasional breach – as is highlighted by the infamous 2016 hacking incident in which Bitfinex; one of the largest U.S dollar bitcoin exchanges, announced that it had lost as much as USD 69 Mn in one day after the platform’s firewalls, fool-proofs, and fail-safes were overridden by some extraordinary hacking – an incident which resulted in a drop in bitcoin’s market rate by as much as 20 percent and amounted to huge losses for so many people in the aftermath.
And how about the well-documented Careem hacking incident which happened earlier this year? A cyber attack that reportedly resulted in the data of over 14 million customers and captains getting compromised and leaked? Sure looks like there is a myriad of ways in which this could get worse.
Even though the cryptocurrency and the ride-hailing service has since recovered somewhat, the whole scenario further underlines the untold damage that can be orchestrated when the power held by the web and all its data storage systems is wielded by the wrong people. Data is power, the internet has tons of it – perhaps, even too much of it – and in the wrong hands, the devastation could get a lot worse than losing millions of dollars and having data leaked.
This informs the need for gatekeepers; sentries to hold down the data fort that we have inadvertently built. We may never be able to completely stop the activities of unethical hackers, but the one thing we can certainly do is make their job several geometric progressions harder and virtually impossible. And one man is making it his business to groom outstanding talents to effectively neutralize every rogue genius.
Moataz Salah is an Egyptian entrepreneur who has made it his mission to keep the security of web and cloud data storage systems intact. With over a decade of experience in the field of cybersecurity under his belt while working directly with multinational companies like Intel and Valeo, it is quite fitting that he is the Founder and CEO of CyberTalents; a leading platform for top talents in the world of cybersecurity.
Since coming into inception in 2017, the startup has made significant strides in the aspect of unearthing some of the finest talents when it comes to cybersecurity and molding them into world-beaters that can hold their own against the craftiest and slipperiest of hackers. This it does by ranking cybersecurity professionals across the globe through Capture-The-Flag (CTF) contests, with a view to getting them snapped up by the top recruiters of cybersecurity talent.
Moataz’s creation was inspired by an apparent dearth in the global cybersecurity workforce. As indicated in an earlier publication by WeeTracker, when the CEO pitched the idea behind CyberTalents as one of ten startups that were graduated in the first cycle of EG Bank’s MINT Incubator which was concluded earlier this year, he pointed out that there was a shortage of personnel in the industry and there was an ever-growing need for highly-skilled cybersecurity talents; a point that is echoed by a global report which places the deficit in personnel at somewhere around 2 million. He also implied that with menacing and prowling hackers always on the clock and without enough cybersecurity talents to keep them at bay, the world was sitting on a tinderbox as it is. Thus, CyberTalents was birthed as his answer to question marks over cybersecurity; a way of beefing up the cavalry to keep the intruders away.
“We are on a mission to discover the young cybersecurity talents in this region, provide them with job opportunities, and help in closing the skills gap shortage that is hitting the cybersecurity market now with nearly 2 million job positions unfilled; a figure that is expected to reach 3.5 million by 2021 if the current trend is not checked,” the CEO offered in a conversation with WeeTracker.
He further revealed; “The cybersecurity market is growing tremendously. It is expected to reach USD 200 Bn by the year 2021, and it currently boasts a 10% Year-on-Year growth. With the continuous hacking stories on different businesses, enterprises, and government entities, the need for cybersecurity talents is increasing exponentially.”
And Moataz is looking to leverage the market opportunity while contributing his own quota towards solving a pressing global problem. By virtue of its business model, CyberTalents puts together CTF contests as a central feature of the platform, and these competitions are powered by large tech companies; ones whose interests are best served by the talents discovered in such contests.
CyberTalents CTF contests are all geared towards providing flawless solutions to very tough cybersecurity challenges, some of which might require several hours for a breakthrough. The startup ranks the cybersecurity professionals who participate in these competitions on the basis of how long it took to resolve a given problem and the results achieved by the solution. This information is, thus, used by large tech companies as a talent acquisition tool for recruitment purposes. The startup’s earnings come by way of commissions accumulated for all hires that take place via its platform.
“Africa and the Middle East hold a huge amount of potential in different fields including cybersecurity. Many top talents are in need of the opportunity to showcase their skills and become gainfully employed. We hope to achieve this through CyberTalents,” Moataz commented.
On the subject of funding, the CEO revealed to WeeTracker; “We launched a crowdfunding campaign during our initial stages so as to be able to validate the idea and launch the platform. Later, we were accepted into a local incubator. Currently, we are in the process of concluding our seed investment round.”
Moataz, however, cited the reactive, rather than proactive stance, which most firms assume on the issue of cybersecurity as a challenge to the business’ growth and expansion. According to him, companies are more likely to pay attention to the subject only in the aftermath of an actual attack – an apparent case of prevention being better than the cure for all things but this.
“Although a lot of hacking incidents like Careem and others have happened in the region lately, cybersecurity is still an emerging field in the MENA region. People would like to fix the problem after they have been hit by an attack, and not before it. Companies need to be proactive, not reactive, and that’s what we hope to make our customers understand.” It would appear the startup has its work cut out for it in the area of creating awareness on the need to constantly reinforce security protocols with up-to-date practices; a task which CyberTalents seems to be taking on with aplomb.
So far, Moataz has led many activities related to such matters as cybersecurity awareness, knowledge transfer, and building the cybersecurity community within Egypt and the rest of the MENA region. In 2010, he founded the Cairo Security Camp Conference, which could be considered one of the most valuable cybersecurity conferences in Egypt and the MENA region; an annual event that has discovered some remarkable talents and still runs to date. In 2011, the aforementioned conference held its first ever CTF competition for security professionals in the region. Most recently, Moataz and the rest of the Team at CyberTalents also received accolades from Abeer Khedr, Information Security Director at the National Bank of Egypt (NBE) for their role in putting together a remarkable Arab Regional Cybersecurity Capture-The-Flag Competition which came to a conclusion about a week ago via a LinkedIn post – in which she thanked the team for “organizing such challenging and motivating competitions to uncover hidden exceptional talents in the Arab world.” Currently, CyberTalents boasts a remarkable growth rate by way of talents discovered and revenue realized, with an average of 20% Month-on-Month since its official launch in March 2017.
Abeer Khedr At The Just-Concluded 2018 Arab Regional Cybersecurity CTF Competition
Image via LinkedIn
“All talents login to our platform and go through four steps: practice, compete, get ranked and get hired. Every talent will get points for solving hands-on cybersecurity challenges in different categories and with different levels,” the CEO told WeeTracker. “Categories vary between web security, network security, mobile security, malware analysis, digital forensics, cryptography, and others. Best talents are ranked in their countries or across the world based on their skills. On the other hand, companies will be able to recruit the best talents who have showcased their cybersecurity skills to the fullest extent.”
Moataz Salah (First-Left) Alongside Winners & Stakeholders At The 2018 Arab Regional Cybersecurity CTF Competition
Image via LinkedIn
With this two-pronged approach which incorporates discovering talents and connecting them with employers, the platform truly stands out. CyberTalents is poised to bridge the apparent disconnect that exists between the talent pool and the companies that require such talents across the globe by serving up an automated medium which will enhance the creation of CTF contests and provide it as a service to unearth the best talents, rank them across the globe, and bring them into the big time.
The company’s vision is to build the largest cybersecurity community in the world so as to be able to tackle problems that exist in the form of a shortage of human resources in the field, as well as future problems that could arise in the world of cybersecurity.