CRAIG SIMCOX/The Dominion Post LEGITIMATE HACKERS: Lateral Security co-founders Ratu Mason, left, and Nick von Dadelszen test website security.
Hacking into the computer systems of banks and government departments is usually the preserve of cyber criminals, but Ratu Mason and Nick von Dadelszen have turned it into a flourishing – and legitimate – business.
They own Wellington company Lateral Security, which tests the websites, databases, mobiles and email systems of large corporate and government clients for vulnerabilities, Mason says.
"We test all the communication channels that go in and out of a business that are internet based. Clients generally do regular testing and if they're rolling out a new system or service, they want to make sure it's OK before it goes live," he says.
The company also responds to "ambulance calls" to help organisations investigate an attack, von Dadelszen says.
"They might not know where they have been hacked, how it happened and how far someone got in."
Hacking attacks are becoming more frequent, he says, and recent high-profile intrusions include the Sony PlayStation network hack, an attack on Melbourne online services company DistributeIT, and the disabling of the New Zealand Parliament website by hacking group Anonymous.
Mason says the increase in attacks is partly because there is more technology, and people are more reliant on it for work and personal matters.
"You've got so many more mobile devices these days and they all have high-speed internet access, and the processing power of computers has gone up so much you can do more continuous types of attacks than you would have been able to do before."
The company's eight staff use the same methods as criminal hackers to try to breach systems, and are constantly researching and upskilling on the techniques, says von Dadelszen.
He found he had a knack for security after his university flatmate challenged him to hack into his computer.
Lateral Security has clearance to do security testing work for governments in Australia, Canada, the United States and in Britain, where it has set up a "virtual office" to help clients, Mason says.
It has recently opened an Auckland office, with three staff, and plans to hire a further three.
"Our biggest challenge in this industry is finding skilled people and making them realise that you can actually make a legitimate living out of doing what we do."
It plans to set up an office in Hong Kong, Singapore or China.
"They are the major growth markets and they are becoming major financial hubs in the world, and that means they will have more to protect."
It continually stresses to clients the need to back-up systems and data, Mason says.
"We might be engaged to do a week's worth of work and find a whole bunch of things. But the real nasty guys out there have all the time in the world. You always need to be prepared that, at some stage, you may get hacked."
Von Dadelszen says his job description is usually a good conversation starter.
"The first question I always get is, `Can you put money in my bank account?"'
- BusinessDay.co.nz
