Introduction
to Ethical Hacking:-
Not all hackers are inherently bad. When used in mainstream media, the word, “hacker,” is usually used in relation to cyber criminals, but a hacker can actually be anyone, regardless of their intentions, who utilizes their knowledge of computer software and hardware to break down and bypass security measures on a computer, device or network. Hacking itself is not an illegal activity unless the hacker is compromising a system without the owner’s permission. Many companies and government agencies actually employ hackers to help them secure their systems. Hackers are generally categorized by type of metaphorical “hat”:
Not all hackers are inherently bad. When used in mainstream media, the word, “hacker,” is usually used in relation to cyber criminals, but a hacker can actually be anyone, regardless of their intentions, who utilizes their knowledge of computer software and hardware to break down and bypass security measures on a computer, device or network. Hacking itself is not an illegal activity unless the hacker is compromising a system without the owner’s permission. Many companies and government agencies actually employ hackers to help them secure their systems. Hackers are generally categorized by type of metaphorical “hat”:
“white hat”, “grey hat”, and “black hat”.
The terms come from old spaghetti westerns, where the bad guy wears a black cowboy hat, and the good guy wears a white hat.
There are two main factors that determine the type of hacker you’re dealing with:
The terms come from old spaghetti westerns, where the bad guy wears a black cowboy hat, and the good guy wears a white hat.
There are two main factors that determine the type of hacker you’re dealing with:
1)
Their
motivations 2)
And
whether or not they are breaking the law.
Difference between Black hat Hacker, White hat Hacker and Grey Hat
Hacker.
1)
Black Hat Hackers
Like all hackers, black hat hackers usually
have extensive knowledge about breaking into computer networks and bypassing
security protocols.They are also responsible for
writing malware, which is a method used to gain access to these systems.Their primary motivation is usually for personal
or financial gain, but they can also be involved in cyber espionage, protest or
perhaps are just addicted to the thrill of cybercrime. Black hat hackers can range from amateurs
getting their feet wet by spreading malware, to experienced hackers that aim to
steal data, specifically financial information, and personal information and
login credentials.
Not
only do black hat hackers seek to steal data, they also seek to modify or
destroy data as well.
2)
White Hat Hackers
White hat hackers choose to use their powers for good rather than evil. Also known as “ethical hackers,” white hat hackers can sometimes be paid
employees or contractors working for companies as security specialists that
attempt to find security holes via hacking.White hat hackers employ the same methods of hacking as black hats, with
one exception- they do it with permission from the owner of the system first,
which makes the process completely legal. White hat hackers perform penetration testing, test in-place security
systems and perform vulnerability assessments for companies. There are even
courses, training, conferences and certifications for ethical hacking.
3) Gray Hat Hackers
As in life, there are grey areas that are neither black nor white. Grey
hat hackers are a blend of both black hat and white hat activities. Often, grey
hat hackers will look for vulnerabilities in a system without the
owner’s permission or knowledge.If issues are found, they will report them to the owner, sometimes
requesting a small fee to fix the issue. If the owner does not respond or
comply, then sometimes the hackers will post the newly found exploit online for
the world to see.These types of hackers are not inherently malicious with their
intentions; they’re just looking to get something out of their discoveries for
themselves.Usually, grey hat hackers will not exploit the found vulnerabilities.
However, this type of hacking is still considered illegal because the hacker
did not receive permission from the owner prior to attempting to attack the
system.Although the word hacker tends to evoke negative connotations when
referred to, it is important to remember that all hackers are not created
equal.If we didn’t have white hat hackers diligently seeking out threats and
vulnerabilities before the black hats can find them, then there would probably
be a lot more activity involving cybercriminals exploiting vulnerabilities and
collecting sensitive data than there is now.
Gray Hat Hackers :
Cyber crimes are becoming more common and attackers more sophisticated
with rouge nation-states and terrorist organisations funding criminals to
breech security networks either to extort hefty ransoms or compromise national
security features.
Businesses are faced with the challenge of dealing with complex security
requirements that need to be updated as per changing hacking tactics, handling
hidden vulnerabilities and evolving technologies. Ethical hacking firms with
specially trained professionals come to the rescue of businesses while ensuring
effectiveness of service and confidentiality.
- To build a computer system that prevents hackers’ access and safeguard system and information from malicious attack
- To manage adequate preventive measures in order to avoid security breaches
- To safeguard user or customer information available in business transactions and visits
- To test networks at regular intervals
- To create security awareness at all levels in a business
Ethical
Hacking sometimes called as Penetration Testing is an act of
intruding/penetrating into system or networks to find out threats,
vulnerabilities in those systems which a malicious attacker may find and
exploit causing loss of data, financial loss or other major damages. The
purpose of ethical hacking is to improve the security of the network or systems
by fixing the vulnerabilities found during testing. Ethical hackers may use the
same methods and tools used by the malicious hackers but with the permission of
the authorized person for the purpose of improving the security and defending
the systems from attacks by malicious users.
Ethical
hackers are expected to report all the vulnerabilities and weakness found
during the process to the management.
No comments
Post a Comment