One winter morning in 2015, as he left for work from his home in Silver Spring, Md., Jonathan Margulies pushed the button on his remote to close his garage door. Nothing happened. He tried again. Nothing. The motor was shot.
He ended up replacing it with a “smart” opener that not only lifted and lowered the door, but also connected to the internet. With a swipe on a smartphone, Margulies could operate the opener, and if he left the door open, the opener would send him a text. He could close it from anywhere. It’s particularly appealing to people like Margulies, who occasionally panic, in the crush of rush hour, that they’ve left their homes wide open and defenseless. To some, the smart opener may seem a godsend.
But Margulies, 36, isn’t just any consumer. For more than a decade, he’s worked as a cybersecurity expert, doing vulnerability and security assessments for Sandia National Laboratories and the National Institute of Standards and Technology, and more recently, for the U.S. Department of Justice. One area of his expertise is identifying security flaws in a company’s digital infrastructure or product by thinking and acting like malicious hackers.
Identifying security flaws is the first step in ethical hacking, where good-guy hackers — the kind you want on your side — use what they learn to improve electronic security. They tend to be obsessive, passionate and sleep-deprived. When they see cracks in the virtual world, they want to peek through to discover what’s on the other side.
