After Apple, Kulgam techie enters NASA’s ‘Hall of Fame’

Identifies data breach vulnerabilities in its systems

Irfan Tramboo

Srinagar, May 14: After making it to Apple’s ‘Hall of Fame’ last year for reporting vulnerabilities in its systems and earning a reward, a techie from South Kashmir has now been inducted into NASA’s ‘Hall of Fame’ for bolstering their system security through ethical hacking.
Hailing from Zungalpora village in South Kashmir’s Kulgam, Muneeb Amin Bhat, a 22-year-old cybersecurity researcher and bug hunter, told Excelsior that after uncovering security breaches in NASA’s system, he reported his findings under NASA’s Vulnerability Disclosure Program (VDP), which facilitates the US agency’s awareness of otherwise unknown vulnerabilities.
“This time, I directed my efforts towards NASA, the United States government agency dedicated to space exploration and aeronautics research. I ethically hacked and secured their systems. Upon uncovering multiple vulnerabilities, I promptly reported my findings,” he said.
Bhat reported the vulnerabilities under NASA’s VDP, which has been created for the identification of external vulnerabilities in their systems, “providing guidelines to security researchers so that they feel comfortable reporting vulnerabilities they have discovered in good faith.”
“NASA confirmed the validity of my discoveries and acknowledged my contributions by inducting me into their Hall of Fame for bolstering their system security,” he said.
Bound by the guidelines of the VDP, Muneeb did not disclose the specifics of the external vulnerabilities in the NASA systems; however, he said that it involved sensitive data exposure, “meaning that confidential information was accessible to the public, constituting a data breach. This data breach involved private information that should have been protected.”
“Once it is established that a vulnerability exists or any sensitive data is encountered, you must stop your test, NASA must be notified immediately, and details of the vulnerability or sensitive data shall not be disclosed to anyone else,” read the guidelines of NASA’s VDP available on Bugcrowd, listing Muneeb as one of the members of the space agency’s ‘Hall of Fame.’
It is to be noted here that earlier in October last year, Excelsior had reported about his achievement when he made it to Apple’s ‘Hall of Fame,’ following which he attracted extensive media coverage.
Over time, Bhat has identified vulnerabilities in various other organizations, which has earned him Hall of Fame mentions, bounties worth lakhs, and other rewards.
“My success in ethical hacking has not been overnight but rather the result of more than 10 years of learning. In addition to my work with Apple and NASA, I have ethically hacked and secured numerous other prominent organizations, including Oracle, McDonald’s, Intel, USAA, Indeed, and many more,” he said.
With regard to his education, Bhat is currently pursuing a Bachelor’s Degree in Computer Applications (BCA) from IGNOU, which he started after leaving his B.Tech from SSM College midway.
“My passion for technology dates back to my childhood, where I developed a love for gadgets, phones, laptops, and computers. My journey into hacking began in fifth grade, unaware of its illegality, which I realized later, resulting in delving deeper, continually learning and growing in my craft,” he said.
Regarding cybersecurity, he said that in today’s digital era, nothing is completely secure, and “no matter how big an organization is, if it is connected to a network, it is vulnerable to being hacked.”