ShareThis Page

Irwin native among 'white hat' hackers hired to protect computer networks

| Wednesday, May 8, 2013, 12:01 a.m.

Growing up in Irwin, Adam Cecchetti says he never hacked into a cellphone, a website or a company's software for malicious reasons.

Now living in Seattle, he spends almost every moment trying to defeat those people who do. He and two partners formed a company called Déjà vu Security that large corporations can hire to break into computer systems before the bad guys get there.

“Some people hack for political reasons, some hack for financial reasons, some hack for activism,” Cecchetti, 31, told the Tribune-Review. “Before folks can use a bug for whatever their reason that may not be on the up and up, we hack the device, and we hack the software.”

Cecchetti represents a breed of computer experts that has risen to fight computer attackers bent on disruption, theft and even destruction.

The Trib's ongoing “Cyber Rattling: The Next Threat” series has reported about how online attacks — such as ones against PNC Bank and other U.S. banks — are part of an ongoing international war over information systems. Attackers are becoming more sophisticated as they seek to trigger computer incidents.

Cyber attacks are costing corporations — and consumers — a lot. In a six-year span starting in 2005, data breaches in 33 countries, including the United States, cost the firms involved more than $156 billion, according to the nonprofit Digital Forensics Association.

Every second, in various parts of the world, there are 18 cybercrime victims — about 1.6 million a day — according to a 2012 Norton by Symantec study.

For the white hats, their unique skill at finding where a program is vulnerable and how to close the digital doors that the black hats use to penetrate a website is worth $120,000 to $130,000 a year, said Chad Thunberg, chief operating officer at Leviathan Security Group , a 20-person firm in Seattle.

“Companies are being attacked by bad people, and if they want to defend themselves, they have to attract these scarce people,” he said. “There are maybe 1,000 individuals of this nature in the world. They have this unique hacker mind-set.”

While malicious hackers have to find just one glitch to get inside a machine or software program, defenders must try to close up every hole. Cecchetti said his company works to identify and close as many openings as it can find.

“It's a bit of a game of cat-and-mouse with security,” he said. “One hundred percent defense is impossible. … We're raising the bar so it's more difficult or not worth the hackers' time.”

Cecchetti said he became interested in computers as a student at Greensburg Central Catholic High School, where he graduated in 1999, writing software for games and building websites. He pursued a computer science degree from Latrobe's St. Vincent College in 2003, where he also did some systems administration work.

Then at Carnegie Mellon University, he earned a master's degree in information networking from the school of Electrical and Computer Engineering in 2005. Hired by Amazon to protect its systems from hackers, he moved to Seattle after graduation.

His parents, Thomas and Dawn, remain in Western Pennsylvania, having moved to Slippery Rock, and Cecchetti said he still catches Steelers games on TV. But he has no plans to boomerang back.

“I will always be a Pittsburgh boy, but Seattle's kind of my hometown now,” he said.

The Seattle Times contributed to this story. Andrew Conte is a staff writer for Trib Total Media. He can be reached at 412-320-7835 or

TribLIVE commenting policy

You are solely responsible for your comments and by using you agree to our Terms of Service.

We moderate comments. Our goal is to provide substantive commentary for a general readership. By screening submissions, we provide a space where readers can share intelligent and informed commentary that enhances the quality of our news and information.

While most comments will be posted if they are on-topic and not abusive, moderating decisions are subjective. We will make them as carefully and consistently as we can. Because of the volume of reader comments, we cannot review individual moderation decisions with readers.

We value thoughtful comments representing a range of views that make their point quickly and politely. We make an effort to protect discussions from repeated comments either by the same reader or different readers

We follow the same standards for taste as the daily newspaper. A few things we won't tolerate: personal attacks, obscenity, vulgarity, profanity (including expletives and letters followed by dashes), commercial promotion, impersonations, incoherence, proselytizing and SHOUTING. Don't include URLs to Web sites.

We do not edit comments. They are either approved or deleted. We reserve the right to edit a comment that is quoted or excerpted in an article. In this case, we may fix spelling and punctuation.

We welcome strong opinions and criticism of our work, but we don't want comments to become bogged down with discussions of our policies and we will moderate accordingly.

We appreciate it when readers and people quoted in articles or blog posts point out errors of fact or emphasis and will investigate all assertions. But these suggestions should be sent via e-mail. To avoid distracting other readers, we won't publish comments that suggest a correction. Instead, corrections will be made in a blog post or in an article.