As companies rush to leverage emerging technology to stay ahead of the competition, they are also putting themselves in the line of fire for various cybercriminals looking to deploy malware. However, ethical hackers are taking the lead as they help more and more companies stay safe every day.
This is evident from a new report from HackerOne, a hacking program that rewards ethical hackers for discovering and responsibly disclosing major vulnerabilities. According to the new report, the ethical hacker community just surpassed $300 million in all-time total rewards on the platform.
Of that number, 30 hackers made well over a million dollars. One hacker made more than four million.
Big payouts
It’s perhaps not surprising that the highlight of this year’s Hacker-Powered Security Report 2023 is Generative AI. It was said that more than half (55%) of hackers plan for the tool to become a top target in the coming years. Nearly two-thirds (61%) will use and develop generative AI hacking tools to find more vulnerabilities, and another 62% plan to specialize in the OWASP Top 10 for large language models.
GenAI will also be used to write better reports (66%) and better code (53%), and to break down language barriers (33%).
One of the reasons for the rising popularity of ethical hackers is the lack of in-house expertise and talent. In fact, 70% of customers said hacker efforts helped them prevent a significant cyber incident. Additionally, 75% of HackerOne customers believe exploited vulnerabilities are their biggest threat, surpassing phishing (22%), insider threats (12%) and state-sponsored threat actors (10%).
The biggest rewards come from crypto and blockchain companies. They offer the highest average total rewards and handed out the highest payout of $100,050 this year, the report said. In addition to looking for bugs, hackers are also involved in pentesting (54%).
“Organizations are under pressure to adopt GenAI to stay ahead of the competition, which in turn is transforming the threat landscape. To stay proactive about emerging threats, you need to learn from the experts in the trenches: hackers,” said Chris Evans, HackerOne CISO and Chief Hacking Officer.
“The Hacker-Powered Security Report makes it clear that hackers are actively expanding their skills to counter emerging threats. The versatility of hackers and the impact of the vulnerabilities they expose make them critical to how our customers anticipate and address risk.”