ABU DHABI // Before becoming Europe’s No 1 ethical hacker, Jamie Woodruff took advantage of his autism to become a computer boffin and started hacking when he was nine.
In discussing with young people how challenges can be turned to opportunities, Mr Woodruff, 23, showed how he overcame autism, dyslexia and dyspraxia.
“I did not have access to education sectors that you would see. When I went to school it was socially awkward,” he said.
He lasted three months in college before he gave up to help people with special needs.
Then, one day, he was asked if he wanted to enter a hackathon, where the top hacker won an expenses-paid university degree.
He won the challenge and enrolled in the School of Computer Science at Bangor University.
“So I went back to uni, and started teaching (ethical hacking) while I was still a student.”
Today, he is paid by companies such as Bloomberg and Barclays to test their systems and tell them what is wrong with their security.
He demonstrated to the audience of the Global Summit for Women Speakers of Parliament how he could break into a company’s CCTV camera.
“We can actually control it, not only see it [but also] move it left, right, up and zoom.”
In fact, this could be his way to hack into a system, he said.
“So I would go to a CCTV camera in your company and find out when people are walking in and out, and when there is a conference I walk in.”
He also showed a device he built in a weekend’s time which he calls “the secret”. With that device he could monitor keywords and find out how many people were trying to hack Donald Trump for instance.
Hacking today has become as simple as downloading an app on an Android phone: “My advice is just look at what you’ve got to protect and how it could be protected.
“You should keep phones and everything up to date with the latest version. But anyway, if someone wants to hack you, they will.”
He demonstrated another device, which could unlock any modern car that does not require a key, and make it move.
He believes end-users are the weakest security links.
“Just by making a simple call I can reset someone’s password in five minutes. Hackers are taking advantage of this.”
An example is when he was invited to speak at a conference in Norway, and the organiser insisted that he perform a hacking trick.
“So [with his permission] I broke into his hotel room, stole his laptop …”
The next day, with 800 people watching, Mr Woodruff asked the organiser to walk outside: “I said stop and look to your right, there was his car right in front of him, I turned it on with my laptop.”
“Him being an end user, he uses the same password for everything so I could recover everything,” Mr Woodruff said.
His most famous tricks include when he posed as a Domino’s delivery man – a job for which he applied and was accepted “very easily”, in order to break into the server room of a large financial institution. After monitoring the action at the institution he noticed that staff ordered from Domino’s every Friday, and once he had the uniform, that was his way in.
“So, every Friday, this guy from Domino’s would appear to deliver pizza and pass by security and I was in.”
He would observe everyone’s behaviour, until he made his move.
“I could have stolen hundreds of thousands of dollars, but I’m ethical, I don’t do that.
“Another thing about improvisation, I flew all the way to Australia to speak at a conference, and I hadn’t planned what to say.”
When he entered the hotel, he started searching for orange juice. “I had a thing to try orange juice everywhere I go.”
“I could’t find any, so I said I will go to the kitchen and help myself.”
He found the chef’s uniform there, changed into it and went to the conference and started serving biscuits. As he did that, he collected everyone’s pin, and then demonstrated his findings on stage.