From the quiet hills of Sikkim to the global stage of US-based National Aeronautics and Space Administration (Nasa), Rivek Raj Tamang, a young ethical hacker, has scripted a journey that reads like a thriller. The hero uses codes instead of capes.
Rivek, 26, a security researcher, a term that describes ethical hackers, recently received two letters of appreciation from NASA after he detected security vulnerabilities in the computer system of the US space agency.
“The ability to detect and report on security vulnerabilities is a valuable skill in information security industry. Your reporting has facilitated NASA’s awareness of otherwise unknown vulnerabilities and helped us protect the integrity and availability of NASA information,” read the letter from Tamiko Fletcher, acting senior agency information security officer of Nasa.
Nasa has a vulnerability disclosure policy to report detected issues to
the agency.
Rivek detected vulnerabilities not just for NASA but also for other US government departments, Indian Railways, World Health Organisation (WHO) and Australian Cyber Security Centre, among others.
Rivek also earned praise from the Indian Computer Emergency Response Team (CERT-In), a national incident response centre for major computer security incidents that operates under the ministry of electronics and information technology.
He had been inducted into nearly 50 halls of fame for his job.
The ethical hacker had done his master of computer application and believes in attacking to help prepare for better defence.
“Ethical hackers expose vulnerabilities of various systems and inform the people concerned to ensure that they come up with better defence for the system,”
said Rivek.
He was always interested in the topic right from his school days.
“Curiosity, movies and pop culture also influenced me to be an ethical hacker,” said Rivek, who considers himself to be somewhat of a “geek” on movies and pop culture.
Rivek also reported security issues for private organisations and received “bounties”.
“Bounties are basically cash incentives provided by private organisations. I have not received much but around ₹50,000 in bounties so far,” said Rivek, a resident of Gangtok.
The hacker intends to address the cybersecurity issues in Sikkim.