Although hacking remains rife around the world, there are still some black hat cyber-criminals that are taking the decision to use their skill set for the greater good. Those black hats are fast turning white as a growing number of cyber hackers are morphing into “ethical hackers” to lead the charge for data protection.
The concept of ethical hacking dates back to the 1970s when the United States approved a team of IT experts to plan an attack on its computer systems to monitor the robustness of existing security measures. Since then, ethical hackers have been testing the defenses of infrastructure not to cause damage but to locate security flaws, so that system architects can then fix them. With cyber-attacks becoming ever more sophisticated and damaging to industries around the world, the importance of ethical hacking in 2019 and beyond cannot be overstated.
In the digital age, there have been some seismic cyber-attacks that have tarnished brand reputations and put individuals’ sensitive data firmly at risk. In 2011, Sony Networks experienced a sustained attack on its systems, resulting in 77 million customer records published online for criminals to exploit. The breach affected an unprecedented number of people and highlighted the need for rigorous security and privacy measures.
Even in the present day, cyber-attacks continue to find a way through, despite vastly improved cybersecurity infrastructures. One of the sectors cyber-criminals appear to have turned their attention to is the burgeoning cryptocurrency industry, which many believe will revolutionize the way we pay for goods and services. Leading cryptocurrency exchange Cryptopia suffered a cyber-attack on 15th of January 2019. Reports suggest the exchange lost as much as $16 million worth of Ethereum and other ERC-20 tokens owned by the platform’s users. This development has left people questioning the safety of leading cryptocurrencies including Bitcoin (BTC) and Bitcoin Cash (BCH). Nevertheless, there are trading platforms that allow clients to safely buy BCH and BTC without having to physically own or store it, effectively offering an arguably safer alternative for those looking to invest.
Ethical hacking experts are therefore increasingly beneficial to industries looking to determine weak areas within their systems that could be penetrated by cyber-criminals, enhancing the reputation and integrity of leading brands in the process. Ethical hacking may sound like a derogatory term because of the word “hack” – but, if anything, it is a nod to the skills and expertise of security experts that know how to spot and manipulate security flaws, helping organizations to plug the gaps before the damage is done.
Analysts Frost and Sullivan estimate that the global ethical hacking industry is expanding at an annual rate of 21%. In 2014, the US ethical hacking market alone was said to be worth almost $4 billion.
In terms of qualifications and training required to become an ethical hacker, individuals require a comprehensive knowledge of IT infrastructure, including hardware and software. Often coming from cybersecurity backgrounds, ethical hackers require both knowledge and creativity in order to be able to find how to exploit the vulnerabilities of an organization’s systems.
Even formal qualifications are now available in ethical hacking, with the EC-Council Certified Ethical Hacker certification available to study as an online or classroom course, commencing with a 200-question multiple choice exam. Available job roles in this field are normally listed as “penetration tester” as well as “security analyst” and “network security specialist”. They are also advertised as “red team” positions, with an organization’s internal red team assuming the role of the attacker, attempting to compromise the network and outwit the internal blue team, whose job it is to protect systems from a security breach.
With contractor penetration testers capable of earning £500 a day and team leaders looking at annual salaries of £90,000+, it is clear that ethical hacking has become a big business and has never been higher on the executive agenda of big and small organizations.