Save over 40% when you secure your tickets today to TNW Conference 💥 Prices will increase on November 22 →

This article was published on February 25, 2020

Hackers earned nearly $40M in bug bounties in 2019

White-hat hacking is turning into a lucrative spare time


Hackers earned nearly $40M in bug bounties in 2019

Ethical hacking is swiftly turning into a lucrative spare-time activity — for a small chunk of white-hat hackers at least.

In its annual report, breach disclosure platform HackerOne revealed it handed out nearly $40 million in bug bounties to security researchers in 2019 alone. The amount equals almost half of the $82 million the company has cumulatively awarded over the years.

[Read: This hacker made $120K in a week by finding bugs in EOS cryptocurrency]

HackerOne further noted there is now seven hackers on its platform that have scooped over a million for finding security kinks, as well as 13 more whose earnings have flown past the $500,000 mark. Of course, those high earners represent only a tiny fraction of the platform’s more than 600,000 registered researchers.

Ethical hacking appears to be booming in Austria and Switzerland, with researchers from those regions earning 950% more than what they did in the year before. White-hatters from Singapore, China, and other countries from the APAC area also increased their bounties by 250% year-over-year, according to the report.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

Still, the most prominent bounty hunter by nation is the US which clinched 19% of all prize money in 2019, followed by India and Russia with 10% and 8%, respectively.

That said, the results aren’t all that surprising considering the lion’s share of bounty prize money comes from US-based companies.

Visualization of the Bounties by Geography showing on the right where the organizations paying bounties are located and on the left where hackers receiving bounties are located.

Well, given that breach damages are expected to surpass $6 trillion annually within five years, it might not be too late to get in on the action. As it turns out, you don’t even need to go to school for it: Eight out of 10 white-hatters said they learned their craft through online resources and self-directed educational materials.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with


Published
Back to top