ETHICAL HACKING

Ethical Hacking

Ethical Hacking

Introduction

The word "ethical" is defined as "relating to morals, especially as concerning human conduct" and "hacking" can be explained as "gaining illegal entry into a computer system, with the intent to alter, steal, or destroy data." These may sound like a contradiction in terms, however, many organizations now has to adopt this method to find out how secure is their networks are.

Discussion

In the past decade, computer and networking technology has seen enormous growth, which bring many good things e.g.: electronic commerce, easy access to vast stores of reference material, collaborative computing, e-mail, and etc. However, this growth has not come without a price, a new methodology in crime has been created: criminal hackers.

The term "hacker "could have originated at M.I.T. as students' jargon for classmates who labored nights in the computer lab. In the beginning, hackers are not so dangerous at all. They just stole computer time from the university. However, in the early 1980s, hackers became a group of criminals who steal information from other peoples' computer.

Eventually, ethical hackers may come from three sources: malicious hackers, bright computer science graduates, and individuals from a systems or administration background. Out of these three sources, the malicious hackers is the type of ethical hacker that have higher risk as this is the people who has been using his skills for malicious intent, then grows out of it and wants to earn money. It raised a controversial here while some will argue that only a "real hacker" would have the skill to actually do the work, some people feel that the requirement for absolute trust eliminated such candidates. One rule that IBM's ethical hacking effort had from the very beginning was that they would not hire ex-hackers. The reasoning is would the government hire an ex-convict to become a policeman? One fundamental issue in the hiring of a hacker is ethics. After all, hackers are criminals. And in the UK, the inclusion of cyber crime in the Terrorism Act 2000 means that hackers can now be treated as terrorists.

The ethical hacker must understand his opponent; he must put himself in his opponent's shoes and see what can be seen on the target systems and what can he do with the piece of information gain. Besides, when an intruder breaking into the security system, does anyone at the target notice the intruder's attempts or success?

Besides finding the all vulnerability to exploit, ethical hackers also need to documents them down. The ethical hackers' job definitely is much more complicated and tedious than a black hat hacker.

While the "ethical hacking" raises some hackles as some may say hacking is an unethical activity, so, it is inappropriate to word the term. So, they change the term "ethical hacking" to something else. One of them is Internet security service provider ICSA, in Reston, Va., rejected the use of "ethical" with "hacking," according to M.E. Kabay, director of education. "`Vulnerability testing' is the term we use," Kabay ...