“You have been hacked!!!”
As an end user, you will surely have a panic attack as soon as you hear anyone say that. But what if I say, all software developers gladly want to be hacked? Seems weird? Well, let me introduce you to the less familiar type of hacking known as Ethical Hacking.
Generally, hacking refers to the process to breach the security of digital devices, such as computers, smartphones, tablets, and even entire networks to compromise data. The “unethical” hacking we are all familiar with is done for financial gain, protest, information gathering (spying), or even just to challenge the software developer. So, it will not be wrong to characterize it as the digital version of regular burglary. Ethical hacking, on the other hand, is done for finding out threats and vulnerabilities in the software with the authority’s permission. Ethical hacking also goes by the name “Penetration Test”, helping the authority concerned to improve the system’s security and build a stronger, impenetrable system. The person entitled to this job is called an “Ethical hacker” or a “White hat hacker”. Sounds pretty impressive, right? Let’s dive a bit and find out some more interesting details.
An ethical hacker has to follow certain steps for a successful intrusion.
The very first task is to do a good recon of the system he intends to hack.
Then he actively probes the system to find out vulnerabilities that can be exploited.
- Gaining Access:
After some surveillance, the hacker tries to gain access to the targeted vulnerability.
- Maintaining Access:
To maintain access to the threat, he then installs a backdoor that allows him to exploit it whenever needed.
- Clearing Tracks:
A good hacker should clear his tracks after the hacking is complete. In this way, the hacking source will remain untraceable.
As the main purpose of ethical hacking is to mitigate the threats, the hacker must always report back to the authority so that they can take the necessary steps to secure the system as soon as possible.
Some widely used ethical hacking tools include Nmap for port scanning, Nessus for vulnerability scanner, Acunetix for web application scanning, and Kismet for wireless scanning.
People of Interest:
Want to know about some famous white hat hackers around the globe? Let’s begin with the greatest name, Kevin Mitnick. His history is not so white as we speak of now. In 1995, he was arrested and served five years in prison for cyber-crimes. The Darkside Hacker now is a famous ethical hacker and a computer security consultant, running his very own security firm Mitnick Security Consulting.
“I went to prison for my hacking. Now people hire me to do the same things I went to prison for, but in a legal and beneficial way.” – Kevin Mitnick
Another prominent ethical hacker, computer security expert and founder of the Neofocal Systems, Tsutomu Shimomura is best known for helping out the FBI in pursuit of Kevin Mitnick.
Charlie Miller, a computer security researcher, came into the limelight in the field of white hat hacking by exposing vulnerabilities of Apple products: Macbook, iPad, iPhone along with the web browser: Safari.
Women have also proven their intelligence and prowess in this sector. Joanna Rutkowska is a computer security researcher working on rootkits. She became widely famous for her ethical hacking skills by exposing vulnerabilities of Vista Kernel and Intel systems. She is also the founder of Qubes OS, a security-focused operating system and Invisible Things Lab. The term “Evil Maid Attack” explaining a firmware attack to access encrypted data was first introduced by her.
In the end, I would like to say that ethical hacking actually plays the role of devil’s advocate in case of cyber-attacks. The more the technologies will continue to advance, the faster new techniques of cyber-crime will be invented. Therefore, to keep pace with it, ethical hacking has to be one of the predominant weapons we can count on. We need ethical hacking to fight against unethical hacking. And last but not the least, if you are a cyber-security enthusiast like me, are you not fascinated by the prospect of this sector and want to explore more?
Thank you all.