‘We had NGOs for press, medical staff, and mental health issues, but not for cyber-attack victims’

Hackers Without Borders co-founder discusses the NGOs timely arrival

INTERVIEW A trailblazing humanitarian group launched last month as Russian troops massed on the Ukrainian border. What followed has made its existence all the more necessary.

Hackers Without Borders (HWB) is a Geneva-based non-governmental organization (NGO) that is offering emergency infosec assistance to other NGOs and providers of critical services.

Like fellow NGO and semi-namesake Médecins Sans Frontières (Doctors Without Borders), the group emphasizes its neutrality when helping victims of armed conflict.

Staffed by volunteer hackers and infosec experts, the organization will, free of charge, help individuals or organizations handle the fallout of cyber-attacks, protect them from further assaults, and bolster their cyber-resilience.

“We have NGOs for press, for medical staff, and mental health issues, but not for protecting and helping the victims of cyber-attacks,” HWB co-founder Florent Curtet tells The Daily Swig.

“We hope to change this by creating an NGO that’s run by cybersecurity experts, who can provide security assistance to those in need.”

Curtet, a web security specialist who has previously pen-tested systems for Interpol, the UN, and the French Ministry of Armed Forces, is one of four co-founders with a range of expertise.

The others include Pierre-Marie Léoutre, a crypto-security expert and former threat intelligence specialist at the Gendarmerie Nationale; Karim Lamouri, a multilingual IT director for a Parisian suburb and security consultancy CEO; and Clément Domingo, an ethical hacker, capture-the-flag (CTF) competition founder and participant, and founder of a digital privacy awareness-raising campaign aimed at students.

RELATED Bug bounty leader Clément Domingo on cybersecurity in Africa, hacking events, and chaining vulnerabilities for maximum impact

Red Cross attack

The quartet decided to form HWB after being angered by the recent cyber-attack against the International Committee of the Red Cross that exposed information belonging to over half a million “highly vulnerable” people.

On February 4, just over two weeks later, HWB launched with the vision of “a taskforce that could be mobilized quickly” in similar situations.

BACKGROUND Red Cross servers ‘were hacked via unpatched ManageEngine flaw’

Curtet, also CEO of IT security services provider NEO Cyber, points out that “most wars are now digital – war happens not just with an M16 but behind a keyboard and screen – and [often happens] under the radar.

“The goal for us is to be alert to when a [vulnerable] person or institution is being attacked and cannot protect themselves.

“We are here to be like firefighters for people, companies, institutions that don’t have the money, skills or information to protect themselves from today’s digital threats.”

The International Committee of the Red Cross was hit by a cyber-attack in January 2022The Red Cross was hit by a cyber-attack in January 2022

Pro bono protections

HWB’s pro bono services are built around three pillars. First, the NGO will seek to prevent attacks against vulnerable targets by identifying vulnerabilities, sharing intelligence related to attackers’ tactics, techniques, and procedures (TTPs), and providing cyber awareness training.

HWB will also aim to neutralize the infrastructure of attackers through forensic analysis, triage, website takedowns, and escalation to law enforcement and national computer emergency response teams (CERTs).

Finally, it will support them in managing domains and network profiling, auditing and hardening networks, and bolstering cyber defenses.

An intelligence platform for sharing indicators of compromise (IoCs) – dubbed an “NGO CERT” by HWB – is also in the pipeline.

Screening process

Recipients of this support could include charities, healthcare organizations, and frontline workers worldwide – against which cyber-attacks can have particularly grave consequences.

However, HWB is apparently willing to help a broad range of people and organizations.

“Whatever your religion, whatever your culture, or country that you live in: we are here to help anybody,” says Curtet. “We want to push transparency and universality.”

Read more of the latest information security industry news

With such broad ambitions, the Hackers Without Borders can ill-afford to squander scarce resources on lower priority cases. As such, it has already rejected a number of applications for help that failed to satisfy its ‘reliability’ criteria, says Curtet.

“We are here to help people who can’t or won’t spend $10,000 on a penetration test, or a security remediation company,” Curtet explains.

If the criteria for receiving help is met, then cases will be triaged according to criticality – what Curtet dubs a “pyramid of emergencies”.

“It’s complicated to address everything, but we have a priority list and we'll first address [clients related to] health, poverty, and – it’s a bit tricky, but we have to do it – cyber bullying and harassment,” he says.

HWB is already filtering requests for help from a healthcare organization and two humanitarian organizations in the Ukraine/Belarus area.

“The clearance process is a bit time-consuming for a war theatre or soon-to-be conflict as we must be sure we are not helping a government,” he says.

Political neutrality

Curtet repeatedly emphasizes the organization’s political neutrality.

“We want cyber peace. We are not going to [launch offensive cyber weapons], help with field intelligence or help one government more than another – we are there as firefighters.”

He adds: “We already perform a lot of scans and scrapings of the dark and deep web for intelligence to protect non-legitimate military targets as defined by the Geneva Conventions.”

Hackers Without Borders is helping cyber-attack victims around the worldHackers Without Borders (from left): Karim Lamouri, Florent Curtet, and Clément Domingo

Building support

A small team of five to seven people combined with a firm commitment to making the organization ultra-secure has meant “we’ve been sleeping 2-3 hours per night”, says Curtet. “We’ve been hardening [systems] like crazy. We have a very tight access control list [ACL] [for instance]”.

Fortunately, HWB’s meagre resources are now being reinforced.

While Curtet’s initial requests for help from infosec contacts were mostly, politely declined, when the website launched “we had over 20 [people] saying ‘I’m sorry, I didn't know it was such a good project. I would really like to be part of it’.”

As of Monday (March 1), the organization had attracted 173 volunteers and others, whether from the infosec community or not, are invited to join too.

Curtet also says some “big meetings with very big investors” are scheduled. “We have some very good things going on to help us technically and financially.”

‘Crystal clear and transparent’

HWB is incorporated, and has an official NGO designation, in France, but also recently registered in Geneva with a view to becoming a UN-affiliated NGO in two years’ time, subject to a comprehensive audit.

HWB says it will be funded exclusively by donations. “We want to be crystal clear and transparent and that’s why everything we do will be tracked on smart contracts and every donation will be traceable,” says Curtet.

“We are not going to make money – all four of us founders are losing money as of now. The goal is to get indemnities, do some good, and have a strong NGO without the pressure of governments” [affecting how we operate].”

Organizations seeking help from HWB can email them on help@hwb.ngo or alert@hwb.ngo.

This article was updated on March 4 to reflect the fact HWB is based in Geneva, Switzerland, not in Paris, France as was previously stated.

YOU MIGHT ALSO LIKE Ukraine invasion: WordPress-hosted university websites hacked in ‘targeted attacks’