At first glance, it will look like any other cool startup company. Bean bags, bright furniture and cool painted walls, red bulls instead of tea or coffee. This setting is of a software based company at Gurugram where a group of 5 IT professionals work engrossed in their laptops. But then the similarity ends. Those young men are busy trying to hack into one of India’s largest bank’s network.
A race is on. The first one to hack into the bank’s system gets a few lakhs. Once inside, they could wreak havoc, moving hundreds of crores, opening and closing accounts at will and potentially do anything they want.
Named Silver Lining, this is a group of ethical hackers who were hired to test the bank’s online security.
It does not take long. Less than three hours after they started, Harjeet or Harry as he is known, makes the breakthrough, hacking the main router of the bank.
“The router directs all requests from genuine online bank customers. I now have the password and control of the router. If I want, I can direct all online requests from customers to a fake site and literally trick them into giving their login and passwords to me,” Harry said, a huge grin on his face.
At the age of 22, he is the youngest in the group and everyone is happy that he has made the first break.
There is camaraderie in the group. But they also believe in healthy competition and after a few minutes of checking Harry’s progress, the rest get back to their computers to try and hack further into the bank’s systems.
“A malicious hacker will not wait for an invitation to hack. Every day, thousands of hack attempts happen on major websites but go undetected and unreported. Companies invite us to deliberately hack their systems to check vulnerabilities and plug those gaps,” said Ankush Johari, the founder of BugsBounty.
Two hours later, they managed to get deeper into the banks computer systems.
“We can do a lot sitting at our homes in pyjamas than a person out with a gun,” said Mr Johri. “We do what we can to make systems secure for all of us and safe from malicious hackers.”
At this stage, the ethical hackers can virtually move crores across accounts, open and close accounts and practically run the bank.