Hackers have done this; hackers have done that…definitely something wrong, and so on and so forth. These are the most common news considering the current era of Information Technology (IT). Surprisingly, in modern world most of the people believe that computers and the Internet gave birth to the today’s buzzword “Ethical Hacking”. However it is not fair to restrict this branch of knowledge only to computers. Historically, ethical hacking dates back to 6th century when the very first version of modern chess game was played. With the passage of time, this tactical game evolved in various ways and had been used by early rulers to help their armies prepare for battle. The first team of modern hackers appeared in 1960s at Massachusetts Institute of Technology (MIT), who targeted electric trains with the aim to make them perform faster and more efficiently. In 1995, IBM’s John Patrick used the term of “Ethical Hacking” for the first time. In cyber world however, Ethical hacking is the use of computer programming skills by a computer or network security expert to determine whether a system, software or network is vulnerable to adversaries or not.
The main ambiguity among many computer users and journalists regarding ethical hacking is the use of term hacker (also known as white hat hacker) vs cracker (also known as black hat hacker). Particularly, the use of word “hacker” instead of “cracker” in information security news is due to this misinterpretation. Remember that hacker is a computer security expert, mostly hired by an organization that is authorized to use his/her skills and find out any vulnerabilities in the computers or networks to get them fixed before they are exploited by malicious users. On the other hand, cracker has the same level of computer expertise but uses his/her skills in an unauthorized way and exploits the system vulnerabilities to break into an organization’s computers or networks with the aim of performing some mischievous activities. A very interesting point is that many white hat hackers are former black hat hackers.
Familiarity with some other ethical hacking related terminology is better, so we will talk about a few here. A threat is an action or event that is a potential violation of security. Threats can include everything from viruses, Trojans, back doors to complete attacks from malicious hackers…ok crackers, right? Vulnerability is a weakness in design or implementation that may result in an unexpected, undesirable event compromising the security of the system. Reducing the number of vulnerabilities mitigates the chances of an information system from being compromised. Exploit is a defined way to breach the security of an information system through vulnerability.
Ethical hacking is good or bad; we’ll talk about that now. Well, actually it is quite better for an organization to hire hackers to strengthen the security of its IT infrastructure…computers and networks. But the dark side of the picture is that if somehow these hackers turn against the organization, it could be really very dangerous for that organization. The reasons behind an employee’s turning against his/her own organization could be many.
Having said all that, we conclude that the term “Ethical Hacking” has caught the attention of almost every computer literate person or even some people who have just heard of computer and its miracles, but they don’t get a clear picture of even very basic things about this buzzword of industry.
Here are some links that you might find interesting:
The article is written by Mr. Yasir Mehmood.