The internet has been one of the most important inventions of the last 100 years and it has impacted and improved our lives in almost every aspect of what we do and how we live. The internet has given us the power to connect with people from all four corners of the globe, to improve how we do business, how we go about getting from A to B, how we date and even how we bank. In fact, there are very few areas of our lives which aren’t managed by or which aren’t impacted by the internet. It is for this reason why there are also people out there, criminals, who look to take advantage of this and obtain our information.
Bharat Bhise HNA has been working in cybersecurity for his entire career and throughout that time he has just about seen it all in terms of what people can do with a cyberattack. We have seen hacks on just about everyone from private individuals to multi-national companies, and even government agencies. With all of this happening and with hacking becoming such a widespread problem, why is it that companies are looking to hire hackers, and why people like Bharat is giving speeches to cybersecurity companies, encouraging them to hire hackers too?
Ethical Hacking
This is a practice called ethical hacking and it is something which is performed by many companies and many cybersecurity businesses especially. These hackers are enlisted to help the business test any security software which they have, in order to see how easily it can be breached or penetrated. These hackers will have a background of hacking but perhaps not necessarily a crime, and that is why so many businesses have a lot of faith in them.
Why We Need Them
For many years the cybersecurity community and companies who develop security software have been playing a long-winded game of cat and mouse with the hackers. What happens is that a new piece of software is created and rolled out amongst residential and business clients. Hackers then see this piece of ‘unbreakable’ software as a challenge, and so they set about trying to find ways in which to breach it. The hackers almost always find the way to get through the software which means that the software developer has to go back to the drawing board and the entire process starts again. Having ethical hackers working within the business which creates the security software, however, will massively increase the probabilities that the product which is rolled out to the world, is far less likely to be breached by hackers. The reason is simple, they have already tested it with multiple hackers.
Risks
There are some small risks which are associated with ethical hacking such as the possibility that they may find a way of hacking a system but then keep quiet about it, but this is almost impossible. First of all, it is likely that the hackers are challenged with breaking only a small part of the security software, rather than being asked to try and breach the whole suite. Secondly, their actions are monitored at all times to ensure that nothing out of order is going on, and finally, these men and women are trusted just the same way as other members of staff at a security company are trusted. If you think about it, anyone in the company could have nefarious intentions.
Is It Legal?
When ethical hacking began there were a lot of concerns around the legality of it and whether or not hacking could ever be legal. The way in which businesses get around this is that because the hacks take place on their own network, and becasue the software is owned wholly by the company which operates on that network, there is no hack, in reality, just someone working on a piece of software like everyone else in the business. The definition of hacking is as follows:
“the gaining of unauthorized access to data in a system or computer”
As we can see here, in the case of ethical hacking access has been authorized and that is why this is not considered to be wrong. Ethical hackers will have signed agreements with companies that authorize their work, making it impossible for anyone to accuse them of anything.
Ethical hacking will not guarantee that a product cannot be breached after all some hackers are better than others. What ethical hacking does do however is to add a layer of extra security around a piece of software, which prolongs the time by which someone may be able to find a way around the system.
In general, hacking certainly is bad, but as we can see here, there are times when hacking is most certainly necessary.