Hackers trying to penetrate systems to identify its flaws, without being hired by a company to do so, are at particular risk for prosecution. A recent report shows there are more hackers working to improve cybersecurity defenses than operating maliciously. The University of California and the company Bugcrowd are working on a new project to update existing laws and protect ethical hackers.