Ethical Hacking: It's not an oxymoron.

When most people think of a hacker, they think of a dishonest individual who uses techniques to bypass a system’s defenses and steal confidential and sensitive information. Security breaches, data as well as identify theft are all incidents which can occur as a result of a hacker breaking into a system. However, in this modern workplace where information can be distributed and leaked in seconds, there exists the ethical hacker. Sounds like an oxymoron to you? Well, it isn’t! In fact, the ethical hacker is a great asset and help in today’s increasingly technologically (and less human reliant) work place. Known as ‘white hat hackers’, ethical hackers use the same techniques as their less-than-honest counterparts, the ‘black hat hackers.” However, these good guys of cybersecurity do not use their findings to take advantage and exploit any vulnerabilities they discover, rather they document them and then present their client with a plan on how to repair these issues so the company can improve their overall information security and guard their important information. Ethical hacking exists to assess the security of a network or system infrastructure and consists of discovering and trying to exploit vulnerabilities. This helps to determine is unauthorized access or other malicious activities are possible. Poor or improper system configurations, hardware and software flaws (known and unknown) as well as operational weaknesses in technical countermeasures are all places that tend to have vulnerabilities. The history of ethical hacking can be traced back as early as the 1970s. The United States government used groups of experts known as ‘red teams’ to hack into its own computer systems. Since its inception back then, ethical hacking has become a sizable part of the information security market and is rapidly expanding. In fact, many large companies such as IBM employ their own team of ethical hackers and many information security companies offer ethical hacking as a service. It is of great importance as an ethical hacker to make sure they know a company’s service level and code of conduct agreements, which gives specific instructions to how testing will be conducted. For instance, there have actually been incidents of ethical hackers testing a system and discovering vulnerabilities without the owner’s permission. Ethical hacking is also known in the market as penetration testing, as many professional in this field feel that ethical hacking is a contradiction in terms. As this field is advancing and growing so quickly, it is crucial for security professionals to be in top of the latest techniques so they can offer the best services to their clients and stay on the top of their profession. There are many resources available to learn both in traditional classroom formats as well as online. A good free resource is our course lesson on system hacking. These online courses allow the participant to study and learn at their own pace and suit a variety of learning styles.