Ethical hacking is swiftly turning into a lucrative spare-time activity — for a small chunk of white-hat hackers at least.
In its annual report, breach disclosure platform HackerOne revealed it handed out nearly $40 million in bug bounties to security researchers in 2019 alone. The amount equals almost half of the $82 million the company has cumulatively awarded over the years.
HackerOne further noted there is now seven hackers on its platform that have scooped over a million for finding security kinks, as well as 13 more whose earnings have flown past the $500,000 mark. Of course, those high earners represent only a tiny fraction of the platform’s more than 600,000 registered researchers.
Ethical hacking appears to be booming in Austria and Switzerland, with researchers from those regions earning 950% more than what they did in the year before. White-hatters from Singapore, China, and other countries from the APAC area also increased their bounties by 250% year-over-year, according to the report.
Still, the most prominent bounty hunter by nation is the US which clinched 19% of all prize money in 2019, followed by India and Russia with 10% and 8%, respectively.
That said, the results aren’t all that surprising considering the lion’s share of bounty prize money comes from US-based companies.
Well, given that breach damages are expected to surpass $6 trillion annually within five years, it might not be too late to get in on the action. As it turns out, you don’t even need to go to school for it: Eight out of 10 white-hatters said they learned their craft through online resources and self-directed educational materials.