Bug bounty: Hackers bagged over $82 million; career opportunity turns viable, says report

The concept of hacking as a viable career has become a reality as full-time ethical hackers have earned more than $82 million in bug bounties on HackerOne to date and the community has expanded to over 600,000 with nearly 850 hackers registering any given day.

Nearly 18 per cent of these describe themselves as full-time hackers, searching for vulnerabilities and making the internet safer for everyone, according to San Francisco-based bug bounty platform HackerOne`s "2020 Hacker Report".

See Zee Business live streaming below:

Hackers from the 170 countries including India are working daily to protect 1,700 companies and government agencies - including Zomato and OnePlus -- on the HackerOne platform.

Hackers in the US earned 19 per cent of all bounties last year, with India (10 per cent), Russia (8 per cent), China (7 per cent), Germany (5 per cent), and Canada (4 per cent) rounding out the top six highest-earning countries.

"Hackers are a global force for good, working together to secure our interconnected society," said Luke Tucker, Senior Director of the Global Hacker Community.

"Their reasons for hacking may vary, but the results are consistently impressing the growing ranks of organizations embracing hackers through crowdsourced security" leaving us all a lot safer than before," Tucker added.

Hackers from Switzerland and Austria earned over 950 per cent more than in the previous year, and hackers from Singapore, China, and other countries in the APAC region earned over 250 per cent more than in 2018.

Hacking also provides valuable professional experience, with 78 per cent of hackers using their hacking experience to help them find or better compete for a career opportunity.

Nearly 40 per cent of hackers devote 20 hours or more per week to their search for vulnerabilities," the findings showed.

Hackers earned approximately $40 million in bounties in 2019 alone, which is nearly equal to the bounty totals for all preceding years combined.

At the end of this past year, hackers had cumulatively earned more than $82 million for valid vulnerability reports.

In addition to the seven hackers who have passed the $1 million earnings milestone, 13 more hit $500,000 in lifetime earnings.

No industry or profession has experienced an evolution quite like hacking.

"It started in the darkest underbelly of the internet, where hackers roamed the online world in search of vulnerabilities. It later grew into a respectable hobby, something that talented people could do on the side. Now it`s a professional calling," said Tucker.

Food delivery platform Zomato has paid more than $100,000 (over Rs 70 lakh) to 435 hackers till date for finding and fixing bugs on its platform.

OnePlus has set up a Security Response Centre that would offer a bug bounty to security experts, who discover and report on potential threats to the company`s systems. Rewards for qualifying bugs reports will be in the $50-$7,000 range.