“Dear Bhatt,
Thank you for your report. We have confirmed that this is indeed a risk.”
These are among the many mails that cyber security analyst and ethical hacker Muneeb Amin Bhat receives in his mailbox. The first of such mails he received, which contained a reward, added to the young hacker’s happiness. He realized that “Hey, this could be a legitimate career!”
These email senders include the latest emails from multinational companies such as Oracle, Apple, Intel, McDonald’s and NASA (The National Aeronautics and Space Administration).
The 22-year-old self-taught from Jungalpora in Kulgam, Kashmir has carved a path for himself in the field of ethical hacking and cyber security. Battling limited access to internet and spot electricity, he worked hard towards his goal.
A feather in his cap has been his work for Apple and NASA. In 2023, he discovered a critical vulnerability in Apple that could compromise the data of thousands of its users. Apple acknowledged his discovery and inducted him into its Hall of Fame in August 2023.
For the US Space Agency, he discovered unknown vulnerabilities through their Vulnerability Disclosure Program which also earned him a name in their Hall of Fame.
He spent hours helping these companies secure their data, making millions of dollars in addition to certifications.
Here is his story:
A go-to technique
Munib’s interest in computers started at the age of nine. He would hack into his friend’s social media account and wifi server.
“I inform my friends to secure their social media accounts. When I inform shop owners or neighbors about a security leak in their Wi-Fi, they appreciate my efforts and thank me,” says Munib. Uttam IndiaRealizing the importance of your work.
He was also the go-to ‘gadget fixer’ in his village for any problem with mobile phones and computers.
Despite living in a village with no facilities and facing challenges ranging from electricity to internet connectivity, he pursued his passion in the era of 2G cellular networks. Watching movies like The Matrix, Live Free or Die Hard opened his eyes to the world of ethical hacking.
His father bought him his first computer in 2012, after which, the young lad would spend hours on the internet learning the basics of hardware, networking and programming. He learned from tutorials on Google and YouTube, following the likes of the late Kevin Mitnick, one of the most famous hackers.
“I learned that we can protect data for organizations. Although companies have their own security teams, they invite ethical hackers to report vulnerabilities in their data through their responsible disclosure program,” he added.
According to a Forbes report, more than 343 million people were victims of cyber attacks in 2023. Data breaches are expected to increase by 72 percent in 2023 compared to 2021, making the need for ethical hackers and cyber security experts even more imperative.
After class 12, Muneeb did his B.Tech in computer science at a college 80 km away. The daily commute and classes left him no time to pursue his passion. With his father’s support, he decided to drop out in second year to focus solely on ethical hacking.
“I can either complete my engineering degree or focus on cyber security. To pursue my passion, I decided to do a BCA degree in cyber security which also gave me time to hone my skills,” adds the 22-year-old.
He is currently pursuing BCA through correspondence from Indira Gandhi National Open University (IGNOU).
“For Apple, I discovered a user data leak in iCloud. I submitted my findings in July 2023 and received their approval a few months later,” he adds.
He has developed his own interception tools that help him test data and detect leaks.
While her family was initially hesitant about her choice, the rise of cyber security as a viable career option and financial rewards offered by companies for identifying breaches in their data helped convince them.
Called ‘bug bounties’, companies offer anywhere from $100 to $10,000 per vulnerability. Rewards increase based on the criticality of the violation.
Munib wants to join a company as a cyber security analyst after completing his degree.
“My goal is to ensure the security of user data and company websites and domains,” he says.
Cybersecurity and ethical hacking space is growing and many jobs are open in India and abroad. For anyone who wants to enter this space, more than a degree, Munib says self-learning and knowledge about hardware, operating systems and networking is essential.
“A basic computer degree like BCA or MCA or BTech will be good to enter this field. Certificates like OSCP (Offensive Security Certified Professional) and CEH (Certified Ethical Hacker) will add value to your resume. Computer hardware, networking, operating systems like Linux, programming languages , learning coding languages ββand more is the most important thing,β he shares.
Edited by Padmashri Pandey, Image courtesy Muneeb Bhatt