Aktia supports young ethical hackers
Ethical hackers, or white-hat hackers, are working for the good guys trying to find vulnerabilities in information systems. The goal is to identify weaknesses in systems before criminals do, and thus enhance and improve digital security.
Hacking can also serve a good purpose, and like many other companies, Aktia employs ethical hackers to enhance its information security. Simulating cyberattacks is one of the most critical measures to improve security, which is also required by the regulatory authorities overseeing banks.
“A significant part of finding vulnerabilities in systems is based on ethical hacking. White-hat hackers use the same methods as criminals, the difference being that they have a licence to operate,” says Henri Heinonen, Chief Information Security Officer at Aktia.
Next Gen Hack FI supports young people interested in ethical hacking
Next Gen Hack FI is a Finnish non-profit association that brings together young people interested in information technology and increases their understanding of ethical hacking, information security and job opportunities in the industry.
Aapo Oksman, Vice-chair of the association, works as a security specialist at Nixu, a cyber security company. He knows hacking is a powerful tool that can also do a lot of harm.
“It is sad to see young people in their early 20s getting caught for crimes they have committed as minors. That is why it is important to provide legal services and platforms and to guide them in what may and may not be done. Young people are not particularly interested in what they hack, the important thing is the desire to learn and to show their skills,” Oksman says.
One way to activate young people eager to try new things is through different challenges. The challenges are professionally planned hacking tasks at different skill levels that are rewarded with points. The challenges are a way for young people to prove their skills and, ideally, success in the challenges will result in at least a summer job or a traineeship.
“It is nice that we can help young people find a way into the information security industry and companies getting skilled experts. As a young hacker, I did not see information security or hacking as work. My way to the industry was not straightforward,” Oksman says.
Finland's team is preparing for the European Championship in Norway
Next Gen Hack FI has been organising challenge competitions in Finland for a couple of years. Last year, Finland was represented for the first time in the European Cyber Security Challenge. This year, the three-day challenge will take place in Hamar, Norway, from 24 to 26 October. A team of 10 will head from Finland to Norway. Half of the members must be under 20 years of age, and the other half must be between 20 and 25 years old.
“Last year, we finished in 12th place, and this year the goal is to win, of course. We are facing tough countries, as Europe has a long tradition of gamified hacking,” Oksman says.
The specific competences of each member, such as web applications, mobile phones or information networks has been considered in the selection of the team. Both women and men compete on the team.
“The best players in the different categories were selected for our team through a tough process. The competition is a capture the flag exercise, and at the moment we are practicing challenges typical of the competition together,” Oksman says.
Legal hacking is in everyone's interest
If a young person drifts into bad company in hacking, it may be difficult to get out and the road to a “real” job is blocked. In addition to safe platforms and tools, you also need knowledge. Companies and authorities have joined forces to get young people off the path to cybercrime in time. Oksman has also been to schools to discuss the subject.
“The next step could be to activate educational institutions so that cyber security studies could be completed at vocational schools, upper secondary schools and higher education institutions,” Oksman says.
Aktia supports the national team by offering it training facilities in its studio in Helsinki.
“Supporting young ethical hackers is an investment in the wellbeing of young people and the security of banking services. The impact of work well done extends to society as a whole,” says Henri Heinonen, Chief Information Security Officer.
The European Cybersecurity Month takes place in October.
“We systematically develop the security of our systems and services and guide our customers in safe banking. It is of the utmost importance that our customers can manage their banking affairs safely in all of our channels. The European Cybersecurity Month is October, but for us at Aktia it is every month,” Heinonen says.