When you think of someone being an expert in their field,
you commonly think of someone with a Dr. in front of their name. With a hacker
it is a little different: there is no real way to add an abbreviation to the
beginning or end of their name. Plus, having the term “professional
hacker” attached to your name may be cool to some, but, like being a
“professional hit man,” it may not land you that corner office with a view of
the bay.
However, a professional hacker is a highly skilled
individual who knows their way in and out of software, a network, or a database.
These men and women have a skill set that allows them to find holes in a system,
but that is where the road can fork between a white hat and a black hat hacker.
How will they use their skills and the information they have gathered?
The battle between good and evil
A white hat hacker has a moral compass that allows them to
use their special powers to help and provide a positive impact on society as a
whole and advance technology to new heights.
Recently, a CBS affiliate in Chicago covered a story about companies hiring
white hat hackers to do penetration testing to uncover vulnerabilities before
the black hat hackers do. This proactive approach can be a great line of
defense to combat the black hat hackers; think of it like fighting fire with
fire. In other words, to stop a hacker, you must think like a hacker.
“Companies want to stay out of the headlines. They don’t
want to be the next big data breach,” said Jay Kaplan, a security expert who
runs Synack, a firm that employs hundreds of white hat hackers.
During the segment, they interviewed a couple of different
white hat hackers who are currently working to help companies. These
professional hackers included Anshuman Bhartiya, a contractor who works from
home.
“Some days I can find four or five issues in a couple of
hours,” he said.
They also spoke with Matthew Jakubowski, who does penetration
testing for the information security firm Trustwave.
“Instead of us stealing the data, we’re telling you what
we’re able to access and how to prevent us from doing it in the future… Over
the last five or so years, I’ve been able to probably get into about 480
systems and get access to that sensitive data,” said Jakubowski.
First line of defense
According to the CBS report, companies currently spend $100
billion on cyber security, and that figure is expected to grow to $160 in the
coming years.
Many companies are adding checkpoints to their network and website entry
portals. One way that they are doing this is
by adding security features like two-factor authentication and stronger
password policies. These can put up a roadblock to stop any potential
hacktivist threats from entering their networks and websites.
“There is a definite increase of interest in stronger
authentication,” said Rob Bellefeuille, a member of the team at PortalGuard, an
authentication company located in New Hampshire.
“The one thing that surprises me is the motivators; most
come to us looking to add two-factor authentication due to a requirement or
mandate. With all of the recent publicized data breaches, you would think that
more people would be taking a proactive approach to keep their names out of the
media,” Bellefeuille continued.
Bringing security to the forefront
Hackers are going to hack; it is just something we need to
accept as members of society. There will never be a world that does not have
evil trying to combat good. In the mind of the black hat hacker, it all makes
sense: they believe they are doing the right thing, and that is the way they
see it.
Think about this: You turn on the news and instead of seeing
a story about a company being hacked, you see a story about a company
announcing they have introduced a new security measure to protect their clients
and shoppers. I think more people would shop at those stores because of the
commitment to protecting their customers.
But would calling this out make them more of a target?