Joshua J Hernandez
Over the years technology has advanced just as Moore’s Law has predicted. Not only does the technology double every year in a compounding way, but those who understand these concepts grow as well. These talented individuals can be looked at from several different viewpoints and depending on who that person may be could in fact determine whether it is a positive viewpoint or a negative one. In this paper I will prove why it is necessary to have Ethical Hackers in today’s security models and how they have come a long way to improve how our information systems operate in a more secure manner.
Hacker’s for years have been able to do things that the normal individuals have never even thought of pursuing and for several different reasons. There are several different types of hackers out there, but they all have one thing in common and that is their knowledge of Information System exploits and vulnerabilities. The constant issues highlighted by the media always reporting some type of cybercrime, a study showing that nearly 90% of attacks happen on the inside (Durant, 2007). The biggest key is that of understanding the hacker’s true intention and determining whether or not it was ethical or malicious. This leads us to first understand what an ethical hacker is and help determine their purpose is a positive venture when wanting to run your organization in a more secure manner.
The term “White Hat” has been slang term that often refers to an ethical hacker, who tends to be a computer security expert. These types of hackers have been known to specialize in penetration testing and help to ensure the security of an organization’s information system. This is unlike other type of hacker’s such as the “BLACK HAT” and the “GREY HAT”. Ethical hackers also carry several other specialized skills such as strong programming skills, networking skills and have been in vetted in the information technology industry for years. One of the more critical traits that all hackers tend to have is patience and has been known to work on difficult tasks outside of normal working hours. Most successful or savvy computer professionals often keep up with new technologies even if they are unfamiliar with such technologies they will take the time to research them to fully understand it. Keeping up with these technologies can not only be time consuming for ethical hackers but understanding the criminal’s that use them in malicious ways can be a lot for one person to manage. With all of these qualities being said, the most important quality that could change a hiring manager’s consideration for selecting a person is trust and a clean background. The best candidates tend to carry not only a clean history, but a higher level of clearance than most generic computer professionals do not require. The difference could range in a background investigation from a Secret clearance to a Top Secret clearance when determining the depth of an investigation. (IBM JOURNAL, VOL 40)
Hacking in general is wrong for any one person to have some sort of gain whether it is financial or personal. Ethical hacking is often performed by trusted “White Hats” to determine an organization’s vulnerabilities in their internal information systems. Most companies will utilize an outside contractor or even a fulltime employee to ensure that their systems are secure as vulnerabilities are announced. The concept of ethical hacking is still considered hacking due to the end result of an information system being compromised, penetrated, and potentially crashed. This type of hacking becomes ethical because it is used to increase the safety of not only the organization, but to reduce the risk of the users within it. It is fairly understood that it takes a criminal to catch a criminal these days. With this type of reasoning if a grey hat hacker can possibly break into a system then most certainly a “Black Hat”