http://www.forbes.com/sites/andygreenberg/2014/02/12/inside-endgame-a-new-direction-for-the-blackwater-of-hacking/
By Andy Greenberg
Forbes Staff
2/12/2014
This story appears in the March 3, 2014 issue of Forbes.
In the classic hacker career narrative, a juvenile genius breaks into the
Internet's most sensitive networks, gets caught and then settles into a
lucrative corporate gig selling his skills for defense. Nate Fick is
trying to pull off the same story with an entire company.
Fourteen months ago Fick took over as chief executive of Endgame, perhaps
the most controversial name in Washington, D.C. cybersecurity contracting.
For years Endgame's elite hackers worked in the shadows of the Beltway to
build and sell "zero-day exploits," an industry term for malicious code
that abuses a previously unidentified vulnerability. As a contractor to
military and intelligence agencies including the NSA, it enabled some of
those customers’ most intrusive spying practices by offering ways to break
into software from the likes of Microsoft - MSFT +0.79%, IBM - IBM +0.3%
and Cisco for millions of dollars.
Fick’s daunting task now: To shift his firm's focus to the far wider
market in commercial defense products -- and in the process, to shed its
reputation as the Blackwater of hacking. The 36-year-old CEO, a former
elite Marine reconnaissance captain who served in Iraq and Afghanistan
before developing what he describes as a personal distaste for violence,
hints at a motivation for the change beyond profit. An ethical cloud still
hangs over Endgame for its track record in undermining the Internet's
security.
Fick’s first move: taking Endgame out of the zero-day exploit game. "The
exploit business is a crummy business to be in," says Fick, sitting at a
coffee shop near Endgame's unmarked office in Arlington, Va., which has
never before allowed a reporter inside. "If we're going to build a
top-tier security firm, we have to do things differently... This is one of
those happy circumstances where business realities, reputational concerns
and my personal feelings aligned."
[...]
--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/
