Marc Maiffret knew it was time to grow up when he awoke one morning in 1998 to an FBI agent holding a gun to his head. "All that hacking had caught up with me," says Maiffret, CTO and chief hacking officer at eEye Digital Security.
The then 17-year-old high school dropout and hacker had just moved back into his mother's Orange County, Calif., home and ironically had landed his first real job after a year living as a runaway in Florida at a hacker buddy's home.
"He [the FBI agent] had a gun to my head and said, 'Don't move,' and yanked my covers off," says Maiffret, now 25. "And there was this guy running past my room with a shotgun like [it was] a drug [bust]. This was extreme, because I was just some computer nerd."
The FBI confiscated Maiffret's computer equipment, but he was never charged or arrested. Maiffret still really isn't sure what they were after, although the agents told him it had to do with government-related information. "It was just everything I was doing then" in hacking, he says. "But I wasn't doing anything destructive."
He calls the incident a turning point. "I was about to turn 18 and I needed to stop screwing around with all of this," he says.
So practically overnight, Maiffret converted from teen hacker/phone phreaker/script kiddie to a real researcher. Just a few weeks after the FBI raid, he teamed up with Firas Bushnaq, whom he met through his job at Bushnaq's Web hosting company, to found eEye Digital Security, an endpoint security and vulnerability management software company. eEye's flagship product, Retina Network Scanner, was based on tools Maiffret had written in his hacker days.
"I had shown him the tools I was making, which later became [the basis] for Retina," Maiffret says. "For whatever reason, he saw something in me and trusted this punk kid with red hair."
Maiffret quickly found his feet as a researcher, discovering several critical Windows vulnerabilities in the late '90s. And he and a team of eEye researchers were the first to detect the first major Microsoft worm, the infamous Code Red that spread around the globe in 2001. (They named the worm after the cherry Mountain Dew soft drink of the same name that they were downing while they picked apart the worm.)
"That's when everyone was having their doorknob jingled or kicked down" by worms, he says.
Maiffret says these days, it's the silent threat that worries him most. Since there hasn't been a major worm nor a widespread attack for some time, IT has gotten a bit complacent, he says. "Today we have zero-day attacks, which are a wakeup call," he says. "You have to realize that just by being on the Net, you are a target and vulnerable. We're actually worse off today" than in the worm era, he says.
He doesn't do much research these days -- Maiffret is the front man for eEye on the business side and his sales staff joke that he's their top guy. Maiffret reminisces longingly about the simple "old days" of hacking, where it was more about sending a message or making a name for yourself rather than profiteering with someone's identity or other cybercrimes that now motivate bad hackers. "Hacking is a business now," he says. "I wish kids out there were passionate about doing for the sake of doing it. But I [suppose] if you have the skills, why not make a living doing it."
Meanwhile, Maiffret says he takes pride in trying to spot and hire the next generation of white hat hackers to carry the torch. Like Maiffret, some don't come with diplomas from big-name universities -- one researcher he hired worked at a video store. "I like finding that next guy, with not exactly the right college degree, but who wants to be the next crazy researcher," he says.
Kelly Jackson Higgins, Senior Editor, Dark Reading