e2 Labs to set up Asia’s first School for Ethical Hacking in Hyderabad

Hyderabad, April, 2003:  e2 Labs, Hyderabad’s start-up company co-founded by world’s renowned ethical hacker Mr. Ankit Fadia and a city based avid hacker Mr. Zaki Qureshey, to set up e2 Labs School of Ethical Hacking". Training Ethical hacking will be offered with an objective to protect the Information Technology assets of our country through the use of education, technology and experience. To be kicked off in June this year, it will be the first of its kind of an institute in Asia. Conceived by Mr. Zaki Qureshey, CEO and Co-founder of e2 Labs, the course curriculum is developed by none other than hacking wizard, a 17 year old hacking sensation, who is a consultant to Federal Bureau of Investigation(FBI), Central Bureau of Investigation (CBI), I-Defense and several other such organizations, and an author of three international best selling books on hacking.

Aimed at information security professionals, auditors, CTOs, CIOs, system administrators, network administrators, students, decision makers and everybody and anybody who is concerned about the integrity of their network infrastructure and offcourse not intentional hackers, batches of three kinds of durations weekly, monthly the three monthly courses are designed. All these courses are full time. The one week course is designed for who are already in the profession and corporate sponsored executives, one month program is designed for software professionals and college students. The three months program is an advanced and highly comprehensive one.

The course curriculum is designed to teach, providing a structured methodology for detailing the techniques used by hackers to assess and attack corporate networks. Beginning with a ethical part of whole things, covering legal and HR issues, reasons why one must perform ethical hack, common attack types and vulnerabilities etc, over a period the course attempts to highlight information leakage that can take place even within a seemingly secure environment. It thus provides valuable insight into how hackers circumvent and defeat security controls in networked environments, applications and operating systems. The course offers the comprehensive coverage of the essentials that were determined by the collaborative process: information assurance fundamentals, IP concepts and behavior, the Internet threat; malicious code, security policies, password management and assessment; encryption and encryption-based applications(VPN, PKI, PGP) etc and others. In all together a three months advanced diploma will have fourteen modules. The faculty includes Mr. Ankit Fadia, Mr. Zaki Qureshey and other professionals and experts drawn from the industry.

In a society so dependent on internet for electronic commerce, easy access to information super highway, collaborative computing, e-mail and new avenues for advertising and information dissemination, how secure is the system. As the network grows, it will play host to an increasing number of bugs and security loopholes. While most of the companies are ignorant of their security controls, many succumb to hackers inspite of having the best security systems and policies in place. Breaking sites, defacing them with anti national and porno messages, reading the e-mail secretly, stealing credit card numbers from online shopping site or implant software that will secretly transmit their organization’s secrets to the open Internet have become rampant in the recent past. While the best of security continues to get broken time to time by the determined hackers, what options can a helpless oranisations look forward to?

On an average every year fifty to sixty Indian websites are hacked by Pakistani hacking groups. While in retaliation, only 10 to 15 Pakistani sites are defaced. With these concerns and others the answer could lie in the form of ethical hacker, who are informational security professionals get paid to hack into supposedly secure networks, conducts security audit and expose flaws. Though we have thousands of security consultants from various companies, very few of them are actually aware of measures to counter hacker threats. So, India needs an institution which would train companies or students in the art of defending their own cyberspace. Teaching ethical hacking may be new in India, but there are plenty of institutions all over the globe.

According to an Ernst & Young report, India is the most vulnerable country for cyber attacks. In this day and age, when hackers have the tools to take down a portion of or an entire network in a short time, companies needs some kind of defence. It is no longer adequate to buy and install a simple software package and let it run. Companies need specialists, IT professionals dedicated to network security and trained to find security holes and fix them before they can be exploited. The need for security professionals is more now than before, especially in the light of occurrences of problems recently like, The Distributed Denial of Service(DDoS) attacks that took place between Feb 8 to 11, 2000, which slowed the global internet by 20 per cent and shut down or substantially slowed the world’s most popular Web sites, including Yahoo, eBay, CNN, E*Trade and FBI’s home page. The Yankee Group and Information Security magazine estimate that the DDoS attacks cost the victim sites a cumulative $ 1.2 billion in lost revenue and market cap loss, not to mention loss in consumer confidence.

In December 1999, three lakh credit card numbers were stolen from CD Universe. The Melissa virus caused an estimated $ 80 million in damage when it paralyzed e-mail systems around the world. Even recently, the I Love You virus swept around the world at an alarming rate, again bringing e-mail systems to a halt. Currently, there are about 2000 Web sites that offer tools to break into, snoop into or crash systems. These types of attacks are extremely disruptive to today’s enterprise. So the risk is serious.

Worldwide demand for ethical hackers is on the increase. Ethical hackers are becoming a mainstay of the effort to make corporate networks more secure. Their appeal is simple: More companies are deciding it makes sense to pay the good guys to break into their networks before the bad guys do it and cause untold damage. The growth of the internet has only added to the demand for vulnerability assessments, as companies have become more exposed to the outside world through the Web and finding security holes has become easier for mischief-makers because of readily available online hacker tools. Companies ranging in size from start-ups to International Business Machines Corp. have ethical-hacking teams. Computer security services, including vulnerability assessments by ethical hackers and other services, was a $ 1.8 billion world-wide market till couple of years back and is fast growing, according to Gartner Inc. a market research firm. Ethical hackers have become so mainstream they’ve been immortalized on the silver screen — in the 1992 movie "Sneakers", starring Robert Redford as the head of a group of techno-wizards who test corporate security systems.

According to IDC, a market research firm, the worldwide market for security consulting implementation, management and training services will increase from $ 5.5 billion in 1999 to $ 48 billion in 2004. And the U.S market will represent nearly half of the worldwide spending total in this area, accelerating from $2.8 billion to $ 8.2 billion spent during the same time period.

The market is ripe for infusing Internet security practice and confidentiality in India. The concept of e-security is still not fully developed in India. Hence, ethical hacking is not very popular. But it is fast catching up and it is expected that within a year ‘constructive-hacking’ will become a part of technology consulting. There are some organisations like SANS, Foundstone that offer courses on Ethical hacking abroad. But, there is none in India.

And E2 Labs is planning to cash in on the opportunity. There is a lot of scope for improving the IS practices in India and demand for security it growing quit fast. Though there are no specific details available on the demand of such professionals in India, the trained professionals in this aspect will be deifinitely very much in demand. But, how much remuneration a trained professional can expect. They command huge salaries to consult companies on security. The remunerations would be a slight premium over the standard networking and software professionals. Depending individual skills to the company hiring, the good ethical hacker may earn any where in the range of Rs 15,000 per month upto Rs one lakh. In abroad it could be even more. Several big Companies like Buchanan International, Computer Sciences Corporation, Ernst & Young, Crossbar Security and Foundstone are already hiring such professionals.

The fee for the three different programs is Rs 25,000/- for a One Week, Rs 75,000/- for One Month and Rs 1,50,000/- for a three month program. Anybody with a basic understanding of computers and network can join in the program. The admission will be on first come first serve basis. At the end of the course a certificate will be awarded signed by Mr. Ankit Fadia and Chief of Forensic Science of Ministry of Home Affairs.

e2 Labs soon will be unveiling a private security portal www.cybercrimesindia.com to book cyber crimes online. It will be first private security portal in the country, which will book civil cases online. A 24 hour one of its kind Incidence Response Centre will be set up at e2 Labs. This will monitor network activity constantly for its clients to combat cyber attacks. Incidence Response Centre will be monitored by watchdog professionals for the companies to avert attacks on their networks.

Reachout's News Bureau
-April '2003
 

More News