With sensitive information being stored online, it is paramount that companies protect their internal systems. They need to make sure that they have top-notch security to protect company, employee, and customer data from unauthorised access by cybercriminals.
Ethical hacking is when a company authorises a person to attempt to gain access to its applications or server data. When an ethical hacker (also known as a white hat) carries out a hack on company assets, they tend to copy the strategies of malicious hackers. This is so that the hacker can find vulnerabilities that could lead to data being stolen. When a vulnerability is found, the hacker notifies the company so it can make the necessary changes to fix the problem and strengthen security.
On the other hand, black hat hackers are hackers with malicious intent. They also try to find vulnerabilities in a company’s security, but for the sole purpose of stealing information like trade secrets. They usually do this to damage a company’s reputation or for financial gain.
According to Synopsys, the key concepts of ethical hacking are:
- Stay legal
- Define the scope
- Report vulnerabilities
- Respect data sensitivity
Notorious white hat hackers
Kevin Mitnick is known for being a black hat hacker who turned into a white hat hacker. He was originally arrested by the FBI back in 1995 for his social engineering skills, which he used to trick people into giving him their passwords and other sensitive information. He learned his hacking skills at the age of 13 and became the first hacker to reach the FBI “most wanted” list. Today, Mitnick is using his skills for good by creating a security consulting firm called Mitnick Security Consulting LLC, which helps customers protect their valuable information against threats.
Tsutomu Shimomura is known for tracking down Kevin Mitnick and bringing him to justice. He went on to write a book called Takedown, which was later turned into a movie called Track Down. Shimomura is a physicist who has worked for the National Security Agency (NSA) and founded Neofocal Systems. He was also one of the leading security researchers who raised awareness of the lack of security in mobile phones.
Charlie Miller is a well-known security researcher who used to work for the National Security Agency (NSA). He has exposed vulnerabilities in products from Apple like the iPhone and iPad. Miller also discovered a critical bug in Apple’s MacBook Air at a contest called Pwn2Own in 2008. He was awarded a $10,000 prize for disclosing the vulnerability.
Charlie Miller has also worked for Twitter on their information security team, as well as working with Uber.
Joanna Rutkowska is known for being the founder of the Linux-based operating system Qubes OS. In 2006, Rutkowska became known after she presented vulnerabilities in Microsoft’s Windows Vista kernel at a Black Hat conference in Las Vegas. She also exposed many attacks that were being performed on Intel security technologies.