Last Updated on October 4, 2020 by Vikash Ekka
1. Objective
At the end of this blog you will be able to:-
Explain the term ethical hackingDescribe types of ethical hackers & hackers vs crackers
2. Overview of Ethical Hacking
Information Security
Companies face various challenges to guard the infrastructure. Corporate network allows internal and external users to use corporate devices or BYOD (Bring Your Own Device). In this kind of environment, there can be multiple applications that can be a threat to the corporate network. Apart from the above challenges, cyber threats have become additional aggressive, complicated and complex challenge. Attackers can be anyone whether it is a discontented worker, cyber terrorists, criminals, crime rings and nation states.
The assaults can incorporate digital wrong doing, hacktivism and reconnaissance Hacktivism is the act of hacking, or breaking into a computer system, for a politically or socially motivated purpose. The individual who performs an act of hacktivism is said to be a hacktivist. Reconnaissance is a preliminary survey to gain information: especially an exploratory military survey of enemy territory.
Each organization and government is a potential target including corporates like Microsoft Inc, Sony, Fox, Lockheed Martin, Financial institutes like, trade Centre, stock exchanges, bank headquarters, defence and civil supplies and numerous others.
The security attacks are exceedingly composed of network based attacks and have brought about huge measures of delicate information, for example, credit cards medical data, passwords, and state privileged insights being uncovered.
Hacker
The word Hacker is usually used with negative connotations. However, a hacker is simply someone who has the knowledge and technological expertise to understand, and if necessary tamper with, software or electronic systems in general. While most hackers may have the ability to break into computer systems with malicious intentions, there are many out there with the same abilities that they intend to use for the benefit of their parent companies or the common people. Considering the current trend of interpreting the term Hackers in a negative way, many find it very important to distance themselves from the term. This is why the term Ethical Hacker is used by many software engineers to create a distinctive identity for them. As stated above, hacking is a common problem nowadays to any computer system.
Interestingly, the skills a person needs to break into a system can also be used to detect any such vulnerability a computer system may possess. As such, an Ethical Hacker uses his skills to find out security flaws in electronic systems so that they can be eradicated before the system is compromised by a hacker. Simply put an Ethical Hacker hacks / tests his own system to check how secure the system is
Ethical Hacking is also known as white-hat hacking (as opposed to black-hat hacking) or is sometimes referred to as penetration testing While hacking is considered a criminal offense, Ethical Hacking is completely legal as it is done only after taking required permissions from the convert entities. Most organizations hire ethical hackers to strengthen the security of their systems; however, some organizations may also allow outside attempt at breaching their security in order to establish the legitimacy of their security claims.
Types of Hackers:
We have already distinguished the two radically opposite sides hackers may take on ie white-hat hacking and black-hat hacking, However, based on the particular situation hackers can be described with one of the following terms;
White Hat Hackers: They use their skills to find weaknesses in a computer system They are very much important to security testing They are ethically bound not to harm the system and use their skills legally, and are thus known as Ethical Hackers.
Black Hat Hackers: They are criminal hackers, commonly known as crackers. Whether they bring down a system to show off their skills or to steal money or information, their actions harm the affected systems and are generally considered illegal
Grey Hat Hackers: Grey Hat Hackers are those who cannot be properly defined as either White Hat or Black Hat Hackers. While they do not cause harm by stealing money or information, they do often deface prestigious companies by bringing into notice their weaknesses or simply for fun. Despite the fact that most people know about Black Hat Hackers or crackers for the media attention they get, it is actually Grey Hat Hackers that comprise most of the hacking community.
Script Kiddie: The term is used for inexperienced (or kid) script users who hack into a system with the help of scripts written by others. They do not possess good hacking skills, but use known and pre-existing tools without even understanding them fully.
Blue Hat Hackers: These hackers are comparable to White Hat Hackers in the sense that they also use their skills to test the security flaws in a system. However, they often work as an outsider checking a system for vulnerabilities before it is released.
Elite Hackers: Apart from the broad groups mentioned above, there are Elite
Hackers who are simply those with the highest skill set in the industry. They are often the ones who learn about the latest exploits and circulate the information.
Hacktivist: This group is comprised of a varied range of hackers who often act based on their ideological, religious or political beliefs. While they sometimes bring down a system owned by people of opposing beliefs with DoS attacks, they can also act against organizations by releasing sensitive information to the public.
Hackers vs. Crackers
As we have seen in the beginning of the article, hackers are not necessarily bad.
In fact, White Hat Hackers or Ethical Hackers use their skills constructively. On the contrary, Black Hat Hackers or Crackers are usually outlaws hacking systems specifically with criminal intent. We can further distinguish the two groups based on their knowledge, skill level and purpose:
Hackers usually have a better understanding of computer systems and possess extensive knowledge of different computer languages like C, C++, HTML, Perl, Python and Java. However, most crackers are not skilled enough in programming languages.
Hackers use their skills constructively, creating software programs or improving existing systems. Crackers are often unable to create their own software due to their lack of knowledge, and often rely on automated programs and modify existing software created by others. Hackers pursue the noble cause of finding and fixing security breaches, while crackers break into systems either for personal gain, to show off skills or to harm others
Hackers act with legal consent of the target system, and as such have much control over their actions. However, crackers break the law knowingly and need to watch out for their actions continuously.
thanks