So-called white hat hacker Grant Cherrington, of Wellington, has given up the practice of making uninvited security checks on organisations’ online systems.
Cherrington, and an Auckland security specialist, Brett Moore, of Software Creations, were branded unethical by others in the security industry for the practice.
Cherrington says he’s given it up because it took too much time and did not generate sufficient business.
“The hosts identified as insecure were generally unappreciative of our efforts. We are now being paid to conduct ‘penetration testing’ by organisations and agencies with security-conscious network administrators,” he says.
Moore says he’s abandoned the practice because once insecurities were identified, the administrators of the vulnerable systems were fixing the holes themselves. “And since it was therefore not generating business, we have stopped,” he says.
The man who criticised the pair, Auckland security specialist Tony Krzyzewski, of Kaon Technologies, has welcomed their change of heart, saying it makes them more “professional and ethical”.