Cybersecurity on the Darknet – How do I Become a Professional Hacker?

Giulia Vaccaro lives in Berlin and has been a part of the team at INTARGIA – a valantic company since September 2022. In an interview, she takes us along on her journey to becoming a professional hacker and tells us what the latest cyber security trends are.

Hello Giulia, please introduce yourself briefly.

Hello Nicole! Of course: My name is Giulia Vaccaro, I am 24 years old, and I work as a cyber researcher at INTARGIA, a valantic company.

You have been with INTARGIA, a valantic company, since September 2022. Welcome! How was your start?

Thanks! To be honest, I was surprised at how easy everything was. Everyone spent a lot of time with me, so that the technical and organizational content was transmitted quickly. Above all, things were great on the interpersonal level: Not even on the first day in the office did I feel like “the new kid.”

How did you get to cybersecurity? Please give us some insight into your career.

Originally, I took a very different path. After graduating from high school, like so many people, I didn’t know what I should do. Art and history have always interested me, but I quickly realized that I could not imagine a professional future in these areas. In order to clear my head and get out of my usual environment, I emigrated to Copenhagen and initially kept myself afloat with an au pair job. However, I quickly realized that this didn’t suit me and fortunately found a job as a first level chat support agent. At that company, I came into contact with the IT security department, which made me totally curious.

From that point on, I used every free minute to train myself in the field of hacking at work and at home. And I was successful, because after a few months I took my first job as a professional hacker. After that, I earned the Offensive Security Certified Professional (OSCP) certification, which is considered the industry’s gold standard for proving practical hacking skills . The examination took me 48 hours straight and focused on hacking machines. It was a real challenge that released a lot of adrenaline in me! When I got homesick, I finally went back to Germany. 

After a few years as a professional hacker and senior penetration tester at an IT service provider, I wanted to find a new position that would give me more freedom and space for self-realization. And that’s how I came to INTARGIA, a valantic company.😊 

How did you become aware of the position as a Cyberresearcher at INTARGIA – a valantic company?

Actually through LinkedIn. I have long loved the idea of making my professional career a little more specialized. The field of “Open Source Intelligence” has had a great impact on my daily work for a long time and I am also extremely interested in it. INTARGIA was looking for someone who wanted to work on these issues. At the end of the  job description, it said “If you have questions, just send them to Thomas.” So I contacted Thomas, on a sunny day when it was 30 degrees outside – and a short time later I received an answer and an invitation to talk. We both knew that the fit would be just right. A week later I signed the contract.

What a beautiful story! Speaking of LinkedIn: When I looked at your profile, I came across the term “ethical hacking.” This seems to be trendy topic right now. You were even the subject of a podcast episode! Could you give us some brief insight into what ethical hacking is all about?

Ethical hacking, which is also called penetration testing, generally describes the procedure of checking applications, infrastructures, etc. for vulnerabilities by emulating what a malicious attacker would do.
In my years as a “hands-on” hacker, I have learned a lot that now flows into my daily work, but above all there’s one thing: The hacker mindset. How do hackers think? What paths do they choose? And why? Understanding these motivations helps greatly when it comes to assessing the risk landscape for companies.

That sounds fascinating! What other trends have you observed in the area of IT security?

Spear phishing: that is, phishing mails that are targeted at recipient. We’re seeing these more and more frequently. Attackers attempt to get the recipients to open a malicious link or attachment. In order to formulate these mails as credibly as possible, the attackers need information about the company and the recipients themselves – which brings us back to the topic of open source intelligence.

What do you do in your spare time to switch yourself off and leave the cyber world behind?

Music! That’s the focus of most of my free time. From dancing through my apartment to loud music – preferably hip-hop – to playing the piano to producing my own music with Ableton.

Thank you very much for the exciting insights, Giulia!