Muneeb Amin Bhatt, Techie With NASA & Apple’s ‘Hall of Fame’ Recognition

Muneeb Amin Bhat, a 22-year-old from Zungalpora, Kulgam in Kashmir, started by finding security breaches in his friends’ and neighbours’ computers. Today, he is doing this for over 60 international organisations including Apple and NASA.“Dear Mr Bhat,Thank you for your report. We have confirmed that this is indeed a vulnerability.”These are one of the many mails that Muneeb Amin Bhat, a cyber security analyst and ethical hacker, receives in his mailbox. The first of such mails that he received, which included a bounty, added to the young hacker’s happiness. He realised that “hey, this could be a legitimate career!”The senders of these emails include from multinational companies like Oracle, Apple, Intel, Mcdonald’s and the latest one from NASA (The National Aeronautics and Space Administration). The self-taught 22-year-old from Zungalpora, Kulgam in Kashmir, has carved a path for himself in the ethical hacking and cyber security space. He worked hard towards his goal while grappling with limited access to the internet and spotty electricity.  The feather on his cap has been his work for Apple and NASA. In 2023, he discovered a critical vulnerability in Apple which could have compromised the data of thousands of its users. Apple acknowledged his discovery and featured him in its Hall of Fame in August 2023.
Advertisement
For the US space agency, he discovered unknown vulnerabilities through their vulnerability disclosure programme which earned him a name in their Hall of Fame as well. He has spent hours helping these companies secure their data, earning him millions of dollars besides validation.Here’s his story:A go-to techieMuneeb’s interest in computers began at the age of nine. He would hack into his friend’s social media accounts and the Wif-Fi servers.  “I would inform my friends to secure their social media accounts. When I informed the shop owners or neighbours about the security leak in their Wi-Fi, they would appreciate my efforts and thank me,” Muneeb tells The Better India, understanding the importance of his work.He was also the go-to ‘gadget fixer’ in his village for any problems in mobile phones and computers.Despite living in a village which lacked facilities and faced challenges ranging from electricity to internet connectivity, he pursued his passion in the era of 2g cellular network. Watching movies like The Matrix, Live Free or Die Hard, opened his eyes to the world of ethical hacking. His father bought their first computer in 2012, post which, the young boy would spend hours on the internet learning the basics of hardware, networking and programming. He learnt from tutorials on Google and YouTube, following the likes of the late Kevin Mitnick, one of the most famous hackers.“I learnt that we can secure data for organisations. Even though companies have their own security teams, they invite ethical hackers to report vulnerabilities in their data through their responsible disclosure programme,” he adds.Over 343 million people have been the victims of cyber attacks in 2023, according to a Forbes report. Data breaches also saw a 72 percent increase in 2023 compared to 2021, which makes the need for ethical hackers and cyber security experts all the more necessary.After Class 12, Muneeb pursued a B.Tech in Computer Science in a college which was 80 km away. The daily travel and classes left him with no time to pursue his passion. Supported by his father, he decided to drop out in the second year to focus entirely on ethical hacking. “I could either complete my engineering degree or focus on cybersecurity. To follow my passion, I decided to do a BCA degree in cyber security which also allowed me the time to hone my skills,” adds the 22-year-old.He is now pursuing BCA through correspondence from the Indira Gandhi National Open University (IGNOU). Muneeb Amin Bhat with his setup at home“For Apple, I discovered a user data leak on iCloud. I submitted my findings in July 2023 and received an acknowledgement from them a few months later,” he adds.He has developed his own interception tools that help him test data and find leaks.While his family was initially hesitant about his choice, the growth of cybersecurity as a viable career option and the financial rewards doled out by companies for identifying breaches in their data helped convince them.Called ‘bug bounties’, companies offer anywhere from $100 to $10,000 per vulnerability. The reward increases depending on the criticality of the breach.Muneeb wishes to join a company as a cybersecurity analyst after completing his degree. “My goal is to ensure the safety of user data and company websites and domains,” he says.The cybersecurity and ethical hacking space is a growing one with multiple jobs opening up for the same in India and abroad. For anyone interested in getting into this space, more than degrees, Muneeb states that self-learning and knowledge about the hardware, operating systems, and networking is essential.“A basic computer degree like a BCA or MCA or BTech would be good to enter into this field. Certifications like OSCP (Offensive Security Certified Professional) and CEH (Certified Ethical Hacker) will add value to your resume. What’s more important is to learn about computer hardware, networking, operating systems like Linux, programming languages, coding languages and more,” he shares.Edited by Padmashree Pande, Images Courtesy Muneeb Bhat