Skip to main content
The Globe and Mail
Support Quality Journalism
The Globe and Mail
First Access to Latest
Investment News
Collection of curated
e-books and guides
Inform your decisions via
Globe Investor Tools
Just$1.99
per week
for first 24 weeks

Enjoy unlimited digital access
Enjoy Unlimited Digital Access
Get full access to globeandmail.com
Just $1.99 per week for the first 24 weeks
Just $1.99 per week for the first 24 weeks
var select={root:".js-sub-pencil",control:".js-sub-pencil-control",open:"o-sub-pencil--open",closed:"o-sub-pencil--closed"},dom={},allowExpand=!0;function pencilInit(o){var e=arguments.length>1&&void 0!==arguments[1]&&arguments[1];select.root=o,dom.root=document.querySelector(select.root),dom.root&&(dom.control=document.querySelector(select.control),dom.control.addEventListener("click",onToggleClicked),setPanelState(e),window.addEventListener("scroll",onWindowScroll),dom.root.removeAttribute("hidden"))}function isPanelOpen(){return dom.root.classList.contains(select.open)}function setPanelState(o){dom.root.classList[o?"add":"remove"](select.open),dom.root.classList[o?"remove":"add"](select.closed),dom.control.setAttribute("aria-expanded",o)}function onToggleClicked(){var l=!isPanelOpen();setPanelState(l)}function onWindowScroll(){window.requestAnimationFrame(function() {var l=isPanelOpen(),n=0===(document.body.scrollTop||document.documentElement.scrollTop);n||l||!allowExpand?n&&l&&(allowExpand=!0,setPanelState(!1)):(allowExpand=!1,setPanelState(!0))});}pencilInit(".js-sub-pencil",!1); // via darwin-bg var slideIndex = 0; carousel(); function carousel() { var i; var x = document.getElementsByClassName("subs_valueprop"); for (i = 0; i < x.length; i++) { x[i].style.display = "none"; } slideIndex++; if (slideIndex> x.length) { slideIndex = 1; } x[slideIndex - 1].style.display = "block"; setTimeout(carousel, 2500); }

Computer hacker Dustin Heywood at his home in Airdrie, Alta.

Todd Korol/The Globe and Mail

Dustin Heywood, also known by his online handle EvilMog, began hacking into computer networks as a teenager in the mid-1990s. Now the 36-year-old is using his hacking skills for good as a penetration tester for IBM’s X-Force Red offensive security team, uncovering flaws and vulnerabilities in computer systems to make them stronger.

When did you first get into computers?

It was funny. I had terrible handwriting in school so I had to fight for access to a typewriter at the age of 7 or 8. Then I moved on to an electronic typewriter at about 10. I was typing 50 words a minute by the age of 10 or 12. I had to bring typewriters into tests and then I eventually got a laptop. Batteries back then didn’t work well, so you had to plug them in everywhere you went.

Story continues below advertisement

What did it feel like to be the only child in the classroom lugging around this typewriter or laptop?

Back then, you got teased a little bit. Back in the eighties and nineties, computers weren’t really cool. In fact, even when I graduated high school, computers weren’t seen as the “in” thing. You were viewed as the dork, which is interesting now how computers and technology are all of a sudden the cool “in” thing.

At what point did you realize you could turn this interest into a career?

I didn’t get into professional IT until my mid-20s just because there wasn’t really a career path to go straight into that field. I wound up doing general manual labour jobs in my early 20s until I dislocated my shoulder packing potato chips in a plant in Airdrie, Alta. I wound up taking a six-month course at SAIT [the Southern Alberta Institute of Technology]. The course was a network technician fast-track program, which basically taught you networking, systems administration and Linux. When I went to the classes, I found out I actually already had a lot of these skills.

In your view, what is a hacker?

When people traditionally think of a hacker, they think of criminals, cybercrooks etc. But that’s actually a bit of a misnomer. Hacking originated back in the sixties. The modern usage of the term is someone who creatively applies the programming knowledge or their knowledge of a system to extend it in a way that it was never intended, which is why the term gets used in things like growth hacker, biohacker, computer hacker etc.

Your early career in IT ended up taking you to Afghanistan.

Story continues below advertisement

I did two back-to-back tours in Afghanistan working for an IT contractor. Basically, my job was allowing soldiers to call their families back home, do video teleconferences and watch TV to make their life bearable on base. I actually had to rely on a lot of these hacker-like skills to make things do what they were never intended to do. No one ever intended to have TV streamed over satellite, over an IP network and into a remote base in Afghanistan.

In 2015, your handle, EvilMog, was outed by a university professor writing about your work in password recovery. How did that feel?

It was actually very liberating. The previous company I worked for didn’t like me doing anything external. For years, I was doing really cool research, but I couldn’t ever talk about it and that was really frustrating to me. But at X-Force Red, they let me go to conferences and let me talk about the research that we’re doing. So it’s been a very different cultural change coming here, being in the public and doing talks.

It’s funny that your handle has the word “evil” in it because you’re now hacking for good.

My mission is to make companies safer, but you have to put your head inside that evil aspect and think way differently than a normal person would. I'm always looking at what new functionality I can exploit. It’s why I like using EvilMog as a persona because it helps me get in that mindset.

What role do hacking contests play in your work?

Story continues below advertisement

We actually recruit from places like the Collegiate Cyber Defense Competition, where students have to go defend a network against industry attackers. Or the Collegiate Penetration Testing Competition, where students have to go attack an environment and we look at how they operate. I even volunteer at one, a southeast regional down in Atlanta, just because I like stretching students to their limit and seeing how they operate under fatigue. It really shows the true character of a person. It’s actually really cool.

It's almost like you're like a football scout watching a game and picking out the players you might want for your own team.

That’s exactly what it is. A lot of people we’ve recruited through these channels are actually now at X-Force Red as early professionals that we’re training up to be the next generation. It’s actually one of the most critical things that we do.

Stay ahead in your career. We have a weekly Careers newsletter to give you guidance and tips on career management, leadership, business education and more. Sign up today.

Report an error Editorial code of conduct
Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed.

Read our community guidelines here

Discussion loading ...

To view this site properly, enable cookies in your browser. Read our privacy policy to learn more.
How to enable cookies