Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa.

How a Teenage Saudi Hacker Went From Lockpicking to Ransomware

Black Hat speaker and 13-year-old ethical hacker Marco Liberale talks about his interest in cybersecurity, and what opportunities he has in Saudi Arabia.

4 Min Read
Marco Liberale on stage at Black Hat Middle East and Africa.
Marco Liberale on stage at Black Hat Middle East and Africa.Source: Luke Hallewell from Informa at Black Hat Middle East and Africa

Younger speakers and researchers often garner plenty of interest at cybersecurity conferences, and these teenage stars often gain a following after it is over. Marco Liberale, a 13-year-old from Saudi Arabia who recently presented at the Black Hat Middle East and Africa on the subject of navigating ransomware, is likely no exception having taught himself lockpicking at 3; Python coding at 5; and malware writing shortly after that.

Liberale received praise for his presentation, in particular by researcher and Boom Supersonic CISO Chris Roberts, who said Liberale showed "how to write it, build it, design it, deploy it, and remediate systems against being taken over by it" — it being ransomware.

Dark Reading met with Liberale and his mother, Caterina Carna, to understand more about how this industry snagged his interest, and what's in store for the phenom going forward.

Marco Liberale on stage at Black Hat Middle East and Africa

How did you get interested in cybersecurity?

Marco: When I was three I was already interested in physical security, like locks and lock picking, then I learned Python when I was five and I kind of moved from there to cybersecurity. I made my first malware at the time; it was not very good though.

Was he lock picking from his crib?

Caterina: He was obsessed with chains and locks. He didn't want toys, he just wanted to go to hardware stores and buy locks and chains. My house was totally inaccessible to me because he was locking every room and I needed to ask him for permission to open it, but he was obsessed with this. But I always let him do it because I understood that there was something big inside him.

I just felt that I needed to support him as much as I could, and I let him know whatever he wanted to do to express himself in any possible way, but he was always attracted to security somehow.

How did you learn about cybersecurity, did you see it on TV and think that's something you want to do?

Marco: I mostly saw it on the news and stuff. I've always been interested in the security field and how people get in and how to stop people from getting in.

What about certifications, what are you doing now?

Marco: I study at Kings Interhigh online school, but I am way too young for most of the certifications. I'm still going to get Comptia Security+, I'm studying for that.

Are you finding a lot of opportunity to learn skills at events here?

Marco: I do have a lot of opportunities to do so. I've met a lot of people even like at KAUST [the King Abdullah University for Science and Technology]. There's a big IT field there as it is mostly focused on science and IT.

Do you have friends who are also doing this?

Marco: No, most kids my age are just playing soccer. That's what I've seen personally.

Do you have ambitions of where you want to do next, like study abroad, or work at certain companies?

Marco: I'm probably going to make a startup. I'm mostly self-taught in general, but I work with Chris [Roberts] a lot.

Caterina: We were here last year at the Black Hat conference and we met Chris, they got connected on LinkedIn and started to talk and during this conference this year, they did a talk together on the main stage. They had a lot of fun here and Chris is one of the most generous people I've ever met.

Do you look at people in the industry who inspire you?

Marco: Not that much. I don't have many inspirations, I mostly just work on my stuff. I don't really like getting inspired by other people.

How did you get to be involved in this conference?

Caterina: Marco met with Ed Sleiman, who is the head of cybersecurity at KAUST, and Ed recognized his talent. So Ed brought him to the Black Hat conference last year, connected us with the organizers and they were pretty excited about having a young speaker like that. He did a talk on OSINT, and this year they invited him to present again.

Do you have any plans for the future?

Marco: Now, I don't have any plans, I want to see what I can learn.

About the Author(s)

Dan Raywood, Senior Editor, Dark Reading

With more than 20 years experience of B2B journalism, including 12 years covering cybersecurity, Dan Raywood brings a wealth of experience and information security knowledge to the table. He has covered everything from the rise of APTs, nation-state hackers, and hacktivists, to data breaches and the increase in government regulation to better protect citizens and hold businesses to account. Dan is based in the U.K., and when not working, he spends his time stopping his cats from walking over his keyboard and worrying about the (Tottenham) Spurs’ next match.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights