Community Corner

Hired to Hack: Ethical Hackers Find Holes in Security

Parameter Security moved from the Economic Development Center in St. Peters to an office on Main Street St. Charles. Parameter's hackers hack like bad guys in order to see where businesses and organizations are the most vulnerable.

A new St. Charles business is in the habit of hacking other companies. 

Hackers with Parameter Security, located above Llywelyn's on Main Street St. Charles, spend their time seeing just how far they can get into the networks of businesses across across the world. 

"We're ethical hackers," said Renee Chronister, co-founder and CEO of Parameter Security. "What that means is we hack businesses and governments like the bad guys do. We see how far we can get, what kind of data we can access." 

Find out what's happening in St. Charleswith free, real-time updates from Patch.

The difference is that companies have hired Parameter Security to show them the vulnerabilities and holes in their system so they can fix the problems before they get hacked, Renee Chronister said. 

The business, which employs 10 people, was started in the St. Charles County home of Dave and Renee Chronister in 2007. 

Find out what's happening in St. Charleswith free, real-time updates from Patch.

Dave Chronister, who was working as an IT director for a bank holding company. Banks are required to do annual security audits and Dave Chronister found the companies providing the service weren't effective. 

He decided to get certified as an ethical hacker and also begin offering the audits in early 2007. 

By June 2007, Renee Chronister left her job as a director of marketing and public relations for IT software company and started working for the company full time. 

The company has had office space inside the Economic Development Center in St. Peters twice since 2008. They briefly moved the business back to their home in the middle of the recession in an effort to save money. 

In January 2013, they decided to make the move from the EDC to an office on Main Street St. Charles. The new location offers more space to hold training classes for businesses.

One service the company offers is a vulnerability assessment, which could include some social engineering in which Parameter Security would make fishing phone calls or emails in an effort to get information from employees. Other times they might do a penetration test and go on site to see how far they can physically get into the building. 

Only the person who signed the contract is aware that Parameter Security has been hired, she said.

"You don't want everyone on alert," she said. "They want it to be a real life scenario. They want to see how people adhere to policies and practices."

Parameter Security comes in as a third party to help identify problems, but doesn't offer a specific solution or to fix the security issues themselves. 

"It's up to their IT department or an IT company to do that," she said. "We can work with them and say, here's our findings, but it's up to the client and their resources." 

They also offer IT security audits, training classes for IT security staff, and forensics for companies that have already been hacked. 

They can identify a hacker's trail, find the point of entry, create evidence and become expert witnesses for the court, Renee Chronister said. 

Sometimes hackers are disgruntled employees seeking revenge or to steal information. Other times it's college students or terrorists. 

"A lot of the stuff is really malicious activity," she said. "Insiders may be planting a virus on an employers network to take them down."

Parameter Security will host TakeDownCon June 3 and 4 at Ameristar Casino. The conference is aimed at IT and security professionals and will include classes on leveraging mobile devices in pen tests, cryptanalysis, hacking phones with near field communications and computer forensics. 


Get more local news delivered straight to your inbox. Sign up for free Patch newsletters and alerts.

We’ve removed the ability to reply as we work to make improvements. Learn more here

More from St. Charles