Internet Business (formerly Internet Computing) Melanie McMullen Oct 1998 Vol 3 Issue 10 "The Big Hack Attack" (feature article) Brad Powell could be the most important person you'll ever meet. Or worse yet, he may be someone you wish you had met sooner - because it may already be too late. At first glance, Powell doesn't appear to be too important: He's an unassuming, dishwater-blond, jeans-wearing guy in his thirties. And as a senior security architect, he has been quietly managing a 70-person security analysis team for the last four years in Sun's enterprise services division. While this job description may sound innocuous, note that Powell, sometimes known on the Net as "shooter," is also an intuitive, well-equipped hacker who could crack into your information system faster than a thief can hot-wire a Boxster. In fact, in his 10-year stint as a security emissary, he has hacked into more than 700,000 systems. His personal intrusion speed record: Six seconds, when he tapped into a government site via a misconfigured firewall. 700,000 systems .. think about it. Do the math and see how many machines this entails a day. The claim of six seconds is equally ridiculous. It takes more than 6 seconds to portscan a computer and type the command to exploit a remote service. Journalists need to realize that fudging on figures does not make the article more impressive. [snip] They constitue a new breed of good guys; they are hackers who are dedicated to fixing corporate America's security crisis. New breed? These professional penetration teams have been around for years. [snip] In fact, the demand for these code pros is so extensive that helpful hacking teams have suddenly become the Web's most-wanted resource. Hewlett-Packard and IBM are fielding high-level hacking teams, and security product manufacturers such as Secure Computing and Internet Security Systems are adding these organizations to their checklist of must-have security offerings.