Rafay Baloch, 22
Hacking is considered a notorious term, and for good reason. Ethical Hacking, on the other hand, is being used by the world’s best organizations to secure themselves from the increasing cyber crimes. Pakistan is the proud home of Rafay Baloch, one of the world’s top 5 ethical hackers.
Rafay began his life in Karachi as the son of doctor parents. As most Pakistani parents are, he was urged to follow them and become a doctor. However, Rafay had other plans and he wasn’t afraid to pursue them. He eventually got an admission in a BS(CS) program. Having always been interested in the concept of hacking, Rafay would spend his time using his android device to perform security research work. In 2009, he started a blog for sharing tips and tricks related to security researching and ethical hacking with his readers.
His break came, when in 2012, he hacked into PayPal – exposing gaping vulnerabilities in their service. PayPal recognized Rafay by awarding him $10,000. They also offered him a job which he could not accept for some personal issues. In 2014, Rafay released a report on an Android bug: SOP issues in Android’s stock AOSP browser, which according to Google’s own stats made 75 million devices prone to attack. Following that, his work has been reported by some of the world’s top news agencies like Forbes and BBC. He has also been inducted into Microsoft, Facebook and Google’s Hall of Fame.
In the light of his top-notch work, in December 2014 he was listed in SC Magazine’s list of Top 35 Threat Seekers in the World. Furthermore, on 31 December, 2014 Rafay was listed among the world’s top 5 ethical hackers by the prestigious CheckMarx magazine.
Despite being an internationally famed Ethical Hacker, Rafay has not received due recognition in Pakistan. While it’s inarguable that we have bigger issues to deal with, but people here are not even properly familiar with the idea of Ethical Hacking, and most of the population is completely oblivious to threats posed by cyber security.
Despite that, in 2016, Rafay will be getting a new book published related to WebApp Hacking. He is also hoping to attend multiple Security Research conferences; he has already been selected for the Black Hat Conference to be held in April 2016. His main aim would be to present his findings to a more wider audience and play his part in moving towards a more secure cyber space.
Truly an unsung hero, Rafay hopes that his efforts will make a difference in the long run.