Honor among thieves: Ethical hacking
The relatively new threat associated with hacking conjures visions of cyberattacks resulting in data loss or manipulation, identity theft, financial damage and other adverse impacts. But the same skills and tools used by malicious practitioners of such cybercrime can also be used by ethical hackers.
The ethical, or white hat, hacker unearths vulnerabilities and weaknesses in various systems, just as a sinister black hat hacker would do. In this role, hacking skills are applied in a legitimate, lawful manner to try to find and fix system flaws before a cyber-intrusion occurs. Unlike black hat hackers, who access systems illegally with malicious intent, white hat cybersecurity sleuths work with companies to help identify weaknesses in their systems and make corresponding updates. Network security is strengthened by this purposeful trespassing as data doors that may be inadvertently left open are identified and closed. The increased need for preventive action is driven by the growing threat posed by malware, viruses and ransomware.
An ethical hacker uses port scanning tools, most of which are open source, such as the Nmap network security mapper capable of discovering services and hosts on a network, thereby creating a network map. This software offers several features that help in probing computer networks, host discovery as well as detection of operating systems. Critical bugs can also be uncovered by Nessus, a remote vulnerability scanner that can detect unpatched services and misconfigurations in addition to weak passwords. SQLMap is another tool that helps security researchers by launching SQL code injection tests against remote hosts. The program enables detection and testing of different types of SQL-based vulnerabilities to strengthen apps and servers, or to report vulnerabilities to different companies.
Armed with these programs, the ethical hacker attempts to evade intrusion detection and intrusion prevention systems, break through firewalls and hijack web servers so that remedial measures may be implemented to harden system security. After the scope and goals of a planned hacking test are defined, scanning is performed to understand how a target reacts to various intrusion attempts. Web applications are attacked using SQL injections, cross-site scripting and other invasive methods to reveal and exploit vulnerabilities by theft or traffic interception, highlighting weak links in a network’s chain. The test findings are used to reconfigure web application firewalls, and the white hat hacker begins again.
The number of cybersecurity job openings in the U.S. alone exceeds 300,000, with nearly 769,000 cybersecurity professionals currently employed and more than 3 million cybersecurity positions projected to be available worldwide by 2021. Opportunities for training and certification are expanding in concert with this demand as employers increasingly view such credentials as an important measure of proficiency in security engineering.
The Certified Ethical Hacker (CEH) is an intermediate-level credential offered by the International Council of E-Commerce Consultants (EC-Council). CEH credential holders possess skills and knowledge on hacking practices in areas such as footprinting and reconnaissance, scanning networks, enumeration, Trojans, worms and viruses, sniffers, denial-of-service attacks, social engineering, session hijacking, hacking web servers, wireless networks and web applications, SQL injection, cryptography, penetration testing and firewalls.
The Global Information Assurance Certification program run by the SANS Institute, a provider of cybersecurity education, offers vendor-neutral certifications with courses that require hands-on learning. Penetration Tester certification covers password attacks, vulnerability scanning, web application injection attacks and other intrusion risks found by forensics-based hacking.
Of course, the power to harness these skill sets to secure infrastructure against potential cyberattacks can also be assumed by those wishing to turn from the dark side. The tale of Kevin Mitnick, whose black hat escapades included breaching the security of Digital Equipment Corporation, Sun Microsystems and other networks, is proof that there may be honor among thieves. Following a five-year prison sentence, Mitnick now heads his own cybersecurity business, providing security consulting for Fortune 500 companies and government agencies. Who better to fight a hack than the people who know how to launch one?