If you were to ask someone what they thought a hacker is, the response would most likely revolve around negative values such as data fraud, identity theft, and maybe even cyber terrorism.
However, not all hacking is necessarily the criminal, destructive act that we see increasingly reported in our media. Indeed, forms of ‘hacking’ have often been carried out by organisations or institutions as a method of testing defences. For example, in the 1970s, the united states gave a green light for a team of experts to attack its own computer systems to assess their security robustness.
Fast-forward to the present day, and we now have a thriving industry that is roughly based around the concept of ethical hacking.
How did ethical hacking come about?
In 2011, there was a breach in the online security framework related to Sony Networks: around 77 million customer records were released online.
It goes without saying, then, that alongside the ubiquity of the internet and the inexorable rise of the digital age, quite naturally governments, institutions, and individuals have growing concerns about cyber security. Despite security protocols and rigorously designed information encryption techniques, can the vast realms of data flowing around the globe remain safe?
In order to better protect that information, companies will often bring in ethical hacking experts from outside to test IT security. These experts carry out ‘penetration tests’ that seek to probe security weak spots, so that companies can rectify the problems, and upgrade their IT security protocols before the ‘evil’ hackers can infiltrate their systems.
Has ethical hacking become a career choice?
Ethical hacking is perhaps a derogatory term for a raft of it specialists better referred to as computer security experts. sought-after skillsets provide forward-thinking companies with access to personnel who are well-versed in code and programming languages, have intimate knowledge of operation systems as well as those experts who can decipher tcp/ip protocols.
There are a growing number of accredited courses wannabe ethical hackers can take. Once turned professional, in the UK contracting penetration testers can make as much as £500 per day, with a wide range of international projects attracting more legitimate hacking talent to our shores.
The ethical hacking industry
In the usa alone, ethical hacking represents an industry worth nearly $4billion. The analyst firm, Frost and Sullivan estimate the industry is growing at 21% per year, with nearly 2.3 million security professionals providing internet security across the globe.
Governments also chip in to try and grab talent before it is scooped up by the private sector. In 2011, the UK government launched a hacking challenge as a way of launching a recruitment drive targeting the most talented hackers in the country. Gchq has also announced several new groupings of intelligence personnel purely focused on fighting cyber attacks.
Businesses that frequently need the service of ethical hackers are most notably, apart from Governments and Banks. They spend around $25billion annually defending themselves against cyber attacks.
Tricks of the trade
Ethical hackers are expert coders, capable of immersing themselves completely in whatever computer security network confronts them. Well co-ordinated penetration tests can often be months in the making, and include outlining the systems to be targeted and the amount of ‘damage’ to be inflicted.
Hackers have also developed a fine art in monitoring the social media use of employees to give them an edge in cracking company IT systems. This technique is known as water-holing, and involves ethical hackers scouring the social media hangouts of company employees. There they mine for information that could give them an ‘in’ to an employee login or more general company details.
Ethical hacking is an overall response to the threats offered to cyber security from the other, less palatable face of hacking. Back in 2010, in a relatively unheralded announcement, the UK Government pledged to spend £650million to bolster cyber security. With the country as a whole, as well as the Government, facing in excess of 50 million cyber attacks each year, it is no wonder institutions are turning to that very hacking community in a bid to shore up defences.